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GOVERNMENT 2.0: 
ADVANCING AMERICA INTO THE 
21ST CENTURY AND A DIGITAL FUTURE 


TUESDAY, APRIL 28, 2009 

U.S. Senate, 

Subcommittee on Federal Financial Management, 
Government Information, Federal Service, 

AND International Security, 

OF THE Committee on Homeland Security 
AND Governmental Affairs, 
Washington, DC. 

The Subcommittee met, pursuant to notice, at 2:30 p.m., in room 
SD-342, Dirksen Senate Office Building, Hon. Thomas R. Carper, 
Chairman of the Subcommittee, presiding. 

Present: Senators Carper and Burris. 

OPENING STATEMENT OF SENATOR CARPER 

Senator Carper. The Subcommittee will please come to order, 
and my thanks to our guests and witnesses for being here today. 
We are going to be joined by Senator McCain shortly. 

Today’s hearing is the latest in a series of hearings that this 
Subcommittee has held to examine the effectiveness of agency in- 
formation technology investments. It is widely recognized that tech- 
nology has transformed the way that we as Americans interact, the 
way we socialize, the way we conduct our business. For example, 
it is becoming more and more common for the average American 
to start the day by firing up their computer rather than by opening 
up a newspaper. 

We have come to expect accurate and reliable information on de- 
mand. Businesses must have an effective presence online in order 
to remain relevant and to remain competitive. If they want to stay 
in touch with their customers and gain efficiencies, they must con- 
stantly seek out and harness the latest technology innovations. 

Similar things could be said about the Federal Government. The 
Obama Administration appears to be filled with some of the most 
tech-savvy men and women to sign up for government service, at 
least in the time that I have been around here. I applaud the Presi- 
dent’s early commitment, including during his time in this body, to 
use technology to make government more transparent and more ef- 
fective. 

I look forward, I think we look forward, to hearing more details 
from Mr. Kundra today about the Administration’s technology 
agenda and how we can make better, more cost-effective use of the 
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latest innovations. I say this because this Subcommittee has exten- 
sively examined two critical issues that call into question the Fed- 
eral Government’s ability to use technological innovation to save 
money, to improve customer service, and to better achieve agency 
missions. 

The first area involves failing IT investments. All too often, agen- 
cy technology investments from something as simple as a new ac- 
counting system to something as complicated as a so-called virtual 
fence on the Mexican border are finished millions of dollars over 
budget, years behind schedule, and not performing as planned. Not 
all, but too many. In fact, many times agencies pay twice the going 
rate for obsolete technology that does not serve their agency’s 
needs or the people that are served by those respective agencies. 

To make matters worse. Congress has often learned about these 
failed projects after it is too late and millions of dollars have al- 
ready been misspent and in some cases wasted. To address this 
problem, I have introduced legislation today, along with Senator 
Susan Collins of Maine, that will give agency leadership and deci- 
sionmakers in Congress the information they need to know wheth- 
er our investment in new technology is making a true impact, the 
kind of impact that is intended. 

Our bill. The Information Technology Investment Oversight En- 
hancement and Waste Prevention Act — and I repeat — no, I do not 
want to repeat that. That is quite a name. But this act would also 
give 0MB new tools that it can use to help agencies fix troubled 
projects hopefully before they fail. 

The second area that often prevents the effective use of tech- 
nology within the Federal Government is the risk we face from 
cyber attacks. Just this morning we had a full Committee hearing 
on this particular issue and concern. But as we know, our Nation 
comes under attack every day by hackers, by cyber criminals, and 
even by other sovereign nations or people within those sovereign 
nations in many cases, I think, with the understanding and the 
permission of their governments. Our oversight has shown that, to 
date, agencies have failed to take necessary steps to ensure that 
sensitive information and critical infrastructure are secure. 

There is no clear evidence today of a significant and disruptive 
cyber attack against the United States, but countries such as Esto- 
nia, Georgia, Australia, and Brazil, among others, have already 
been victims. The technical capability and expertise is available if 
a terrorist group or country that wanted to do us harm decided to 
use it. In fact, it can be easily bought and sold right there on the 
Internet. 

In addition, Americans’ sensitive personal information, as we all 
know, is constantly at risk. A number of agencies store a signifi- 
cant amount of the kind of information that identity thieves and 
criminals might find valuable. Agencies also hold sensitive security 
information. Just last week, we learned that someone had gone on- 
line to steal the plans for the most technologically advanced fighter 
jet, the F-35. I have introduced another bill today to address this 
pressing problem, and that bill, called the U.S. Information and 
Communications Enhancement Act, would organize the Federal 
Government to deal with these 21st Century challenges such as 
cyber threats, among other things, by establishing an office within 
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the White House to coordinate the work of the various agencies in- 
volved in cyber security. 

This legislation would also strengthen the Department of Home- 
land Security’s role in cyber security and give agency security offi- 
cers more authority to enforce and test security standards. 

We look forward to working with our new Administration, the 
Obama Administration and the new team, on these and other 
issues. And when Senator McCain arrives, I will recognize him for 
any statement that he wishes to make, but until that point in time, 
let me just take a few minutes to introduce our first witness who 
has joined us. I very much enjoyed meeting with you earlier this 
week and thank you for spending the time to do that and for being 
here today. 

There is a lot of debate on the pronunciation of your name, so 
let me just try and you just coach me until I get it right. Vivek — 
correct? Is it “Kun’-dra” or “Kun-dra’ ”? 

Mr. Kundra. “Kun’-dra.” 

Senator Carper. “Kun’-dra,” emphasis on the first syllable. 
Thank you. Vivek Kundra was appointed as the first Federal CIO 
of the IJnited States by President Obama in March 2009. In that 
capacity, he directs the policy and strategic planning of Federal in- 
formation technology investments and is responsible for the over- 
sight of Federal technology spending. The Federal CIO establishes 
and oversees enterprise architecture to ensure system interoper- 
ability and information sharing and ensure information security 
and privacy across the Federal Government. 

Mr. Kundra has been recognized among the top 25 CTOs in the 
country — is that true? All right. In the country — and as the 2008 
IT Executive of the Year for his pioneering work to drive trans- 
parency, engage citizens, and lower the costs of government oper- 
ations. 

Prior to joining the Obama Administration, Mr. Kundra served 
in Mayor Fenty’s cabinet as the CTO for the District of Columbia 
and Governor Kaine’s cabinet down in Virginia as Assistant Sec- 
retary of Commerce and Technology for the Commonwealth of Vir- 
ginia. His diverse record also includes technology and public policy 
experience in the private sector and in academia. You must be a 
lot older than you look. That is a very good resume. 

Following the appointment of Mr. Kundra, President Barack 
Obama said these words: “Vivek Kundra will bring a depth of expe- 
rience in the technology arena and a commitment to lowering the 
cost of government operations to this position.” He went on to say, 
“I have directed him to work to ensure that we are using the spirit 
of American innovation and the power of technology to improve 
performance and lower the cost of government operations. As Chief 
Information Officer, he will play a key role in making sure our gov- 
ernment is running in the most secure, most open and efficient way 
possible.” 

I received last night on my way home a copy of your testimony, 
and I had a chance to read it, and I said to you in a short conversa- 
tion we had here before the hearing began that I thought it was 
one of the most lucid, understandable pieces of testimony that I 
have actually read on this subject. I do not know if you write your 
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own material, but if you do, keep it up. If you do not, just hang 
onto the person who wrote this, because it is good. It is good stuff 

All right. With that having been said, I was going to kid you and 
say that we normally swear in our witnesses and ask you to rise 
and take the oath. We do not do that. I will not do that with you. 
We are just going to ask you to take it right from the top. Your 
full statement will be made a part of the record, and once you have 
completed it, we will have some questions. 

Thanks for joining us and please proceed. 

TESTIMONY OF HON. VIVEK KUNDRA,i FEDERAL CHIEF IN- 
FORMATION OFFICER, ADMINISTRATOR, OFFICE OF ELEC- 
TRONIC GOVERNMENT AND INFORMATION TECHNOLOGY, 

OFFICE OF MANAGEMENT AND BUDGET 

Mr. Kundra. Good afternoon, Mr. Chairman and Members of the 
Subcommittee. Thank you for inviting me to testify on how the 
Federal Government can use information technology to change the 
way agencies achieve their missions as well as how information 
technology can enable agencies to spark innovation, interact with 
citizens more effectively, and ensure transparency while reducing 
energy. 

To begin, consider the three major revolutions that have fun- 
damentally transformed society: The Agricultural Revolution, the 
Industrial Revolution, and the Information Revolution. In all cases, 
a fundamental principle holds true: Technology has been pivotal in 
driving structural change. 

In the Agricultural Revolution, stable food production created an 
environment where a person could literally spend an entire lifetime 
within a 25-mile radius of their birthplace. 

The Industrial Revolution brought about an era that enabled 
rapid movement of goods, supplies, and people, which fundamen- 
tally changed the way the economy evolved. The pace of commerce 
quickened, and the world became significantly smaller through 
ships, trains, and planes. 

Today, in the same way that the Industrial Revolution made the 
physical world smaller, the Information Revolution has fundamen- 
tally transformed society. The world is smaller and more connected, 
and information can be shared across the globe in a matter of sec- 
onds in ways that were structurally impossible. New relationships 
and networks can form spontaneously. 

The Federal Government is also going through stages of trans- 
formation as it enters the digital world. First, Federal agencies 
place information online without changing the underlying business 
processes. Essentially, they “webify” the Federal Government. 

In the second phase, the focus shifted to the automation of back- 
end processes and improvement of citizen services and how citizens 
can access those services. However, we have yet to turn these con- 
cepts into reality. 

The next phase, advancing America into the 21st Century and 
realizing the promise of Government 2.0, entails a fundamental 
shift in the interaction between the American people and their gov- 
ernment. It requires a context-driven government. 


^The prepared statement of Mr. Kundra appears in the Appendix on page 41. 
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President Obama has made it clear that we must use technology 
to reform government and to improve the exchange of information 
between the Federal Government and its citizens. Context-driven 
government means that government information and services are 
provided to citizens when and where they need it as they go about 
their daily digital lives. 

For example, a teacher checks her smartphone before heading 
out for the day. An alert flashes, and she realizes it is Earth Day, 
so she decides to walk. On a site that is fed by NOAA data, she 
notices that it may rain and decides to take an umbrella. Using an 
online map, she finds the closest coffee shop on her way to work. 
She pays her mortgage online while she waits and connects to our 
social networking site to make her evening plans. This takes place 
in minutes, yet she has traversed multiple organizations and mul- 
tiple digital destinations. The information and services are simply 
available where needed and when needed. 

Senator Carper. Let me just interrupt. I just thought that was 
a great example. 

Mr. Kundra. We must use context-driven government to bring 
government to its citizens. Access to government services should 
just be another component in a seamless digital experience. Doing 
so not only provides better service to our citizens, but also allows 
the government to leverage existing platforms, therefore lowering 
the cost of government operations. 

As the President has stated, information maintained by the Fed- 
eral Government is a national asset and should be made available 
to the public in a way that is easy to find and ensure that we pro- 
tect the privacy and the security of the data that is being lever- 
aged. Making the information and the operations of government 
more open and accessible will drive accountability, enhance per- 
formance, and also ensure that the American people are engaged. 

Structural change is never easy and will require a strong focus 
on IT governance, from capital planning and investment manage- 
ment to privacy and security. 

On March 26 , the President hosted an online town hall, the first 
of its kind for any White House, and with almost 100,000 partici- 
pants and over 3.5 million votes cast, it was an unprecedented ex- 
perience in public participation. We must and will continue to en- 
gage the American people through such platforms. 

Through the use of social networking tools, increased trans- 
parency of government data, and a strong focus on collaboration, 
we can harness the power of innovation across the government and 
realize the promise of Government 2.0. 

This concludes my testimony, and I will be happy to take any 
questions you may have. 

Senator Carper. Good. Thank you very much for an excellent 
statement. 

I did not think about asking this before, but I did not participate 
in the President’s online town hall meeting that had 100,000 par- 
ticipants and over 3.5 million votes cast. But talk to me about the 
3.5 million votes cast. Were those cast by the participants and they 
just did it over the Internet? How did it work? 

Mr. Kundra. Actually, over the Internet after the questions were 
written, so a lot of people participated by posing questions, and 
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other people — the 3.5 million-plus votes — actually decided to vote 
on the questions that were already put in place and voted up or 
down based on the questions they thought reflected what they 
wanted to know from the President. 

Senator Carper. All right. I have some questions of my own, and 
I would like to ask those now. 

On the campaign trail, there was a lot of discussion, as I am sure 
you will recall, of using technology to make government more effi- 
cient, more transparent, and more secure. In fact, when I was on 
the campaign trail as governor, I remember talking about that a 
long time ago, and again as a candidate for the U.S. Senate. 

Some of these ideas can be seen in the new Recovery.gov website 
that was recently set up and will be tracking stimulus funds down 
to the local level. 

I also understand that you were behind the campaign using tech- 
nologies like YouTube and Facebook to reach new voters. Is that 
true? 

Mr. Kundra. I did not work on the campaign, but working with 
the new Media Team, we are making sure that we get as much in- 
formation out to the people in the right context. 

Senator Carper. All right. Let me just ask, what are some of 
your top priorities that you have for using technology in govern- 
ment? 

Mr. Kundra. Sure. Part of it is recognizing that — let us take 
Facebook, for example. There are 200 million users on Facebook 
out of which 56 million of those users are in the United States. Yet 
the Federal Government continues to make investments in new 
platforms when we could be leveraging some of the platforms that 
exist out there. So the real question for us is to figure out — as tech- 
nology has evolved, there are a set of platforms that already exist. 
How can we ensure, for example, as we advertise jobs, how do we 
make them available on platforms that the American people are al- 
ready using? 

Second from a priority perspective is to look at the $71 billion 
that is already spent today on information technology and back-end 
systems. How do we rationalize those investments and ensure, as 
you mentioned earlier, that those investments actually produce the 
dividends we are looking for, that those projects come on time, on 
budget, and if they do not, that we are willing to make the tough 
choices around either stopping those projects or moving capital to 
where it is most effective? 

Another area is around democratizing data, and what we mean 
by that is take, for example, the Human Genome Project at the Na- 
tional Institutes of Health. When the NIH, working with other 
world bodies, decided to put all that data and that information in 
the public domain, what it did is it spawned a revolution around 
personalized medicine, and you ended up with a pipeline of new 
drugs that were never imagined before for approval in the FDA. 

The same thing with GPS. The Federal Government has a lot of 
data such as the satellites that were released by the military when 
it came to GPS information. What that did, by releasing that infor- 
mation, it spawned a whole new industry to where you could lit- 
erally look on a map and find out where the closest coffee shop is 
or directions from one city to another. 
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So, in essence, making sure that we are doing a better job when 
it comes to the dollars we are spending, the $71 billion in capital; 
second, making sure that we are engaging the American people by 
leveraging some of these new technologies; and, third, ensuring 
that we create a much more transparent and open government so 
that the American people know exactly what is going on in terms 
of their government. 

Senator Carper. All right. When you look ahead for the balance 
of this year and the 3 years that follow, what would be among your 
top priorities for this year and for the 3 years that follow it? 

Mr. Kundra. There are two key areas that we must focus on. 
One is around IT investments. Second is around cyber security. 

As you mentioned earlier, on cyber security we need to ensure 
that the information that exists in our current — whether it is our 
databases or applications and the processes that exist today that 
have helped move the Federal Government to the digital world are 
also safeguarded and that we have taken the proper precautions to 
ensure the security of those systems. So that is vital. 

A big part of what we will be doing is looking at how do we en- 
sure a more secure environment when it comes to computing; and, 
second, how do we ensure that we have a rational approach to IT 
investment across the board. 

Senator Carper. OK. On the next panel, we have your prede- 
cessor, Karen Evans, and I see her here today. Welcome. Nice to 
see you again. Under her leadership, 0MB was able to get the ball 
rolling on what I thought were some very good ideas. Let me just 
ask, how do you propose to build upon some of those successes? 
And are there areas where you plan to make improvements beyond 
those? 

Mr. Kundra. Sure. One of the areas we are looking at is — there 
are two sets of lists right now: The management watch list and the 
high-risk list. So how do we take that to the next level and how 
do we ensure that we are not just looking at lagging indicators but 
leading indicators around problems when it comes to IT invest- 
ment? Or if projects begin to go in the wrong direction, how do we 
get ahead of some of those problems? 

If we look at some of the reports that the GAO has issued around 
some of the recommendations of taking this to the next level, they 
are analyzing how do you get that information faster. And, second, 
from our perspective, how do we ensure that the frequency at 
which information is collected or data is collected is happening at 
a pace that allows us to change the trajectory of those projects? 

If you look at precision guided missiles, for example, one of the 
reasons those missiles actually hit their target is because you get 
constant feedback, a loopback mechanism that lets you know how 
you are performing in relation to where you are. And what we need 
to do is increase the frequency and consolidate into one list for 
some of those investments. 

Senator Carper. You mentioned some analysis just a moment 
ago, and let me just ask, when do you expect to provide the results 
of that analysis? 

Mr. Kundra. We expect to have some of that analysis done in 
the next 2 months. 
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Senator Carper. All right. When you were working down in Vir- 
ginia with Governor Kaine, were you his Chief Technology Officer? 
What was your title? You were part of the Department of Tech- 
nology and Commerce? 

Mr. Kundra. Yes. 

Senator Carper. Which is a logical coupling, hut I am not sure 
if every State follow that model. But in that experience that you 
had, what were some of the challenges that you faced there and the 
resolutions that you reached to those challenges that you think are 
transferable to the work that you will be doing for our country? I 
used to say as governor — in the National Governors Association, we 
had something called the Center for Best Practices where everyone 
who had a good idea, whatever the issue might be, would submit 
it, and then the rest of us could steal that idea and claim it as our 
own. But it was just a great way to identify best practices and find 
contact people in other States that could help us. But when you 
think of some of the things that you were working on in Virginia 
that you think might have relevance to what your new responsibil- 
ities are, what are some of those? 

Mr. Kundra. Some of them are actually around transparency 
and how transparency can drive results. An example would be the 
governor came into office, and with a biennial budget of $70 billion, 
his policy objective was to ensure that small women and minority 
businesses were actually getting a portion of the capital, the set- 
aside that he had. Yet there was no mechanism in the cabinet to 
hold agency heads accountable for those results. And a lot of the 
information around that was based on self-reporting. 

So what we decided to do was we decided to move forward with 
an automated dashboard, and what this dashboard would do, it 
would essentially bypass any self-reporting and would go to what 
we called “the golden source of data.” So literally going to the cred- 
it card companies and figure out how much money were agencies 
spending on credit cards and going to the central procurement sys- 
tems and looking at how much money was being spent. And from 
that dashboard, what we were able to do is once we got that data, 
we were able to display results based on agency, agency head, the 
cabinet, how much money was spent on what businesses, and how 
they were performing. That allowed the governor to literally move 
the needle by over 30 percent in terms of his policy goals. In the 
same way 

Senator Carper. The needle on the dashboard? 

Mr. Kundra. On the dashboard by holding agency heads ac- 
countable, because he realized that by bringing agency heads to the 
office, he was able to say, well, how come these numbers are going 
the wrong way based on his policy guidance? 

In the same way, we believe that more information, trans- 
parency, and greater frequency — we did that on a monthly basis, 
so you could see every single month what was going on as far as 
a trajectory of those investments. So you could make shifts much 
faster rather than on an annual basis, which is what was hap- 
pening before. That is one example. 

Another area that I think also applies to a broader economic 
principle 



9 


Senator Carper. Is that something you could see us doing in the 
Federal Government with this Administration? 

Mr. Kundra. Absolutely. We believe that as we are looking at 
the IT investments, one of the areas we are exploring is how do we 
get as close to real-time data as possible and how do we ensure 
that we can make as much of that information public and available 
to the American people so that we have analysis that is happening 
not just limited to 0MB and the agencies, but the American people 
can hold the government accountable for the investments that are 
being made. 

Senator Carper. OK. I understand another person was recently 
appointed as the Federal Government’s first ever Chief Technology 
Officer. Could you just take a minute or two and describe how you 
and the Chief Technology Officer will interact together? 

Mr. Kundra. Sure. The CIO role is based in the Office of Man- 
agement and Budget and is focused primarily on the oversight of 
IT investments within the Federal Government. 

The CTO’s role is based in the Office of Science and Technology 
Policy, and it is focused on advancing the President’s agenda 
around broadband, health IT, research and development priorities 
for the country. 

The two of us will be working very closely together to advance 
the President’s technology agenda. 

Senator Carper. How will you go about doing that? How will you 
go about ensuring that happens? 

Mr. Kundra. Part of it is we also want to tap into the ingenuity 
of the American people. So with the CTO, being able to convene the 
brightest minds in the private sector, in the NGO community, and 
bringing them together to work closely on some of these policy 
issues and also to look at some of the technologies that are being 
incubated, whether it is in Silicon Valley or all over the country, 
and figuring out what are the leading technologies that can be le- 
veraged within the Federal Government, and also looking at it 
from internally, from within the Federal Government, to see how 
do we spark innovation, how do we find the innovative path when 
it comes to these investments. 

A simple example is something that happened with TSA where 
internally the CIO organization was moving forward on deploying 
potentially a blog solution that would have cost over $70,000. Yet 
one of the folks came there from the web managers’ group and said, 
“Well, we could do this for free.” And they began to leverage a free 
platform rather than spending $70,000 of taxpayer money. 

Across the board there are many examples, and what we need to 
make sure is we are engaging some of the innovative thinking that 
is happening outside the Federal Government, and at the same 
time ensuring that we are sparking that innovation within the Fed- 
eral Government. 

Senator Carper. All right. Thanks. 

As I am sure you have experienced before at the Chief Tech- 
nology Officer in the District here, in the District of Columbia, 
there are a whole lot of problems that can occur when deploying 
technology. This Subcommittee is focused on IT investments that 
many times come in over budget, behind schedule, and underper- 
forming. 
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You have emphasized your interest in increasing transparency — 
you said it again here just a minute ago — in IT investments, but 
we would like to hear about your specific plans for improving the 
oversight of these investments. For example, how will you provide 
more effective oversight for an IT investment? When should Con- 
gress expect to see some changes as a result of your efforts? And, 
finally, do you believe that your office needs any additional re- 
sources or authority? 

Mr. Kundra. Specifically, one of the areas, if we step back and 
look at some of the big structural problems, why do these invest- 
ments go the wrong way or fail in a lot of cases? One is we have 
very poor, in some cases, requirements from the Federal Govern- 
ment. So the Federal Government essentially does not do a good 
job defining what those requirements are. 

Second, we have some runaway contracts that are in place. 

Senator Carper. Some runaway what? 

Mr. Kundra. Contracts. So what ends up happening is a contract 
is awarded that is not fixed price, in some cases, and one of the 
reasons you do that is because you do not know what the require- 
ments are up front. There are cases where you need cost-plus con- 
tracts, but if we know what the requirements are up front, we 
should be able to award fixed-price contracts. That is another area, 
and that is something we are looking at right now to figure out the 
proportion of contracts that are fixed price versus cost plus and 
how those investments — what types of results they yield. 

Senator Carper. Which should be most common, fixed price or 
cost plus? 

Mr. Kundra. Fixed price should be most common, if we know 
what the requirements are up front, we know what the scope is of 
the project. Some of the investments that go south, one of the rea- 
sons is because you end up with 400-plus change orders. So you 
begin with a project that is very simple, yet the scope keeps getting 
larger and larger and larger. So what we need to ensure is we need 
to look at how do we move the agenda towards defining require- 
ments clearly, holding the private sector also accountable when it 
comes to projects, and what I mean by that is, once a contract has 
been awarded, scope has been created, needs have been defined, we 
need to ensure that the companies we have awarded these con- 
tracts to actually deliver on those results. And the way that hap- 
pens is ensuring that there is a degree of engagement, a high de- 
gree of engagement, from both the business side of the house and 
the technology side of the house. If you move in one direction or 
the other too much, what ends up happening is you end up usually 
having a failure in an IT project. You need a high level of engage- 
ment from the technology folks, and you need a high level of en- 
gagement from the business side. 

The way we want to move forward in that direction is we want 
to be able to hold the CIOs accountable, working with agency 
heads, and providing as much information as possible. And that is 
what we are in the process of doing right now, is rationalizing some 
of those reports to figure out how do we get a greater degree of 
input from the agencies as these projects are moving forward, be- 
cause doing it on an annual basis is not going to be good enough, 
because by the time you find out the requirements have increased 
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or the budget is out of control, it is too late to make any adjust- 
ments. And, unfortunately, for far too long in some cases, we have 
thrown good money after bad money. 

Senator Carper. Now, you may have answered this part of my 
question, but I missed it. Part of my question was the question 
about needing extra resources, additional authority. What did you 
say in response to that part of my question? 

Mr. Kundra. At this point what we are doing is we are trying 
to see whether — if you look at the oversight function, we could 
move towards one direction, which would be infinite resources and 
we are overseeing everything, but the reality is we cannot afford 
faceless accountability. And what I mean by that is we need to be 
able to hold the CIOs accountable who are responsible for being 
technology leaders within agencies. So we need to ensure that 
there are proper resources within the agencies on specific projects. 

From an 0MB perspective, we have the resources right now, and 
as we are rationalizing how the reports are going to work and what 
the frequency of that information is going to be in terms of col- 
lecting, I look forward to working with you to figure out what the 
appropriate solution is going to be in terms of the resources. 

Senator Carper. All right. Fair enough. 

As you know, your predecessor, Karen Evans, was good enough 
to testify before us on several occasions on egregious IT systems 
that simply should never have been approved in the first place. 
However, for one reason or another, projects were still allowed to 
continue and to be funded. 

I understand that you have an extremely powerful weapon at 
your disposal to combat this problem. I understand that your posi- 
tion has the power of choosing to approve or not approve an agen- 
cy’s business cases. 

Are you willing to tell agencies no, especially if they do not plan 
the investment right the first time out? 

Mr. Kundra. Absolutely, and I think given the current economic 
climate we are in, especially now, we have to. We cannot afford an 
environment where we would approve business cases that are not 
well thought out, the requirements are not defined. And, also, we 
need to ensure that we hold those agencies accountable for the in- 
formation that they are presenting to us and the whole ecosystem. 
And the reason you get into a lot of complexity here is because you 
have got an ecosystem of the project managers, the CIOs, the agen- 
cy heads, the vendors, and accountability has to happen at every 
step of the way, and we need to focus a lot more on leading indica- 
tors rather than just lagging indicators. And the more information 
we can get and the more frequently we can get information on the 
health of some of these initiatives, the quicker we can make some 
of those decisions. 

Senator Carper. There is an old saying that if you fail to plan, 
then you should plan to fail. I believe that there is a lot of truth 
to that saying, especially in government — State government, local 
government, or Federal Government. Further, when the Executive 
Branch provides Congress detailed plans, we are better able to hold 
agencies accountable. 
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Will your office be producing any strategic plans on how you ex- 
pect to achieve your priorities? And, second, will you provide these 
plans to Congress so we can keep track of your successes? 

Mr. Kundra. Yes. We are actually working on that as we speak 
as far as one, the agenda; two, rationalizing the reports that we 
have talked about; three, in terms of what we are doing as far as 
our transparency initiatives and the results we hope to produce as 
a function of the transparency initiatives; and, also, in terms of the 
path forward, making sure that from an accountability perspective 
how do we measure success from an 0MB perspective. And I look 
forward to working with the new Chief Performance Officer as we 
set out the agenda around technology and innovation across the 
Federal Government, and also the new Chief Technology Officer. 

Senator Carper. All right. After a Subcommittee hearing — I 
think it was last year, maybe July or August, somewhere in that 
range — 0MB developed a website that provided information on all 
information technology investments in the Federal Government. I 
would like to believe that they took that step because we kept pres- 
suring them or encouraging them to give us more information. 
However, I do not believe that the website gives us the information 
that we need. 

For instance, there is relatively little information on whether IT 
projects are millions of dollars over budget or months behind sched- 
ule — or ahead of schedule, for that matter. 

Let me just ask, will you commit to providing Congress with in- 
formation of this nature? 

Mr. Kundra. Yes, Senator, and we plan to actually add more in- 
formation on that website. 

Senator Carper. Can you give us some idea of the timing on 
that? 

Mr. Kundra. Sure. That is a part of our 2-month strategy around 
transparency of the budget and IT investments. 

Senator Carper. All right. Thank you. 

Mr. Kundra, a lot of today’s discussion is focused around Govern- 
ment 2.0. That means that agencies will be embracing new tech- 
nologies to make their jobs easier and hopefully to make citizens, 
the people that we serve, happier. However, the Federal Govern- 
ment does not always move as fast as the private sector. Some- 
times, though, it moves faster. And some of that is purposeful — 
that is, the government should not always move as fast. But we do 
not want the government to make rash decisions without first 
thinking things through. 

What do you believe are the drawbacks of using new technologies 
in government? And what can we do to address those drawbacks? 
Delaware was the first State to ratify the Constitution. We call 
ourselves “The First State.” So do other people. And our State 
motto is “It is good to be first.” I am always reminded, though, that 
there are some things it is probably not good to be first in. Maybe 
it would be good to be second or third. But what do you believe are 
some of the drawbacks of using new technologies in government? 
And what can we do to address those drawbacks? Or what can you 
do to address them? 

Mr. Kundra. Sure. We definitely want to make sure that the 
government is not moving forward with untested, unproven tech- 
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nologies or technologies, frankly, that will compromise the privacy 
or security of the American people. Therefore, we need to he delib- 
erative, especially when it comes to privacy and security. That is 
one of the reasons within the CIO Council we have enhanced the 
Privacy and Security Subcommittee that is looking at a lot of these 
issues and that is deliberating around what is going on with a lot 
of these new technologies. 

At the same time, what we need to do is we need to recognize 
that the world has changed in terms of innovation and the world 
has changed in terms of leveraging some of these technologies in 
that we can put information out there that will allow the American 
people, the NGOs, and the private sector to actually incubate and 
create solutions that the government would spend either years or 
millions of dollars doing. 

Senator Carper. All right. Thank you. I have a couple more 
questions I want to ask. We have been joined by Senator Roland 
Burris from Illinois. It is great to see you, and you are recognized 
for a statement or for questions that you might have. Thank you 
for joining us. 

OPENING STATEMENT OF SENATOR BURRIS 

Senator Burris. Thank you, Mr. Chairman. Just a brief state- 
ment, Mr. Chairman. I certainly appreciate your comments and am 
looking forward to hearing what the testimony of these experts is 
going to be in terms of our information technology and how that 
is going to impact the work in government, the work in serving the 
people of America. And I know the wealth of knowledge about in- 
formation technologies available to us is impressive. We are fortu- 
nate to have a President who has pledged to rely on this knowledge 
and to embrace technology to help agencies become more efficient, 
transparent, and secure. But I am a believer in the old proverb, 
having grown up and watched computers be created, “Garbage in, 
garbage out.” 

So the technolo^ is only as good as the people who are dealing 
with it, and I am just hoping and praying that we do have the ex- 
pertise and the knowledge with these appointments by the Presi- 
dent that they will make sure that we do not get any garbage going 
into those computers. 

What do you think about the creation of a cyber czar? Do you 
have any thoughts or comments on that? We have a chief technical 
officer and a chief information officer. What will the creation of 
these positions do to ensure the government use of information 
technology will make us more secure? 

Mr. Kundra. Sure. On the cyber czar, I have actually been work- 
ing closely with Melissa Hathaway, who is leading that effort, and 
those recommendations are forthcoming. She is just in the middle 
of finishing up her 60-day review and will be presenting her find- 
ings to the President around the creation of whether it is a cyber 
coordinator or the right posture for the United States when it 
comes to cyber security. 

But you make a good point. Senator, around information tech- 
nology and making sure that we focus on — especially with the CTO 
and the CIO role — not just technology, but technology is nothing 
more than an enabler towards business needs and common prob- 



14 


lems. And we also have to recognize that technology is not going 
to solve everything. There is a huge digital divide problem, and we 
need to realize that as we move the U.S. Government towards a 
distal future, when we talk about Government 2 . 0 , we have to do 
it in a context of recognizing that there are people, unfortunately, 
who do not have access to communications networks, that unfortu- 
nately the digital divide in some of the investments that are being 
made, who are not going to be able to engage in this digital world; 
and also recognizing that those communities with accessibility 
issues, we have to also ensure that as the government moves in 
this direction, it keeps everything in mind in terms of the various 
constituencies that we have to ensure we are protecting and we are 
providing information and services in multiple formats and mul- 
tiple ways. 

Senator Burris. What are the biggest challenges to advancing 
our technology needs at the Federal and executive levels of govern- 
ment? What are your challenges? 

Mr. Kundra. Some of the biggest 

Senator Burris. And do not tell me money. 

Mr. Kundra. No. I believe that some of the biggest challenges, 
frankly, are making sure that the Federal Government is doing a 
good job defining what problem it is trying to solve. As we talked 
about earlier, you cannot just buy technology for technology’s sake. 
It has to be grounded deeply in a business problem, and that is 
why, as I mentioned earlier, it is vital that there is a high level 
of engagement both with the business side on the Federal Govern- 
ment end and the technology side. If the business side is not going 
to be leading with the technology side, you end up with failures in 
technology projects. 

Senator Burris. We were at a hearing earlier this morning — I 
think, Mr. Chairman, that was about cyber security. 

Senator Carper. Cyber security. 

Senator Burris. And I am just wondering whether or not we 
have cyber security issues here with all these technology experts. 
I raised a question in that hearing this morning about the possi- 
bility of the old saying, being an accountant and an old bank exam- 
iner, one thing I would look for was double bookkeeping to see if 
there were some double records being kept somewhere. I just won- 
der in terms of your computer or technology experience, in terms 
of cyber security, whether or not that is something that is on the 
drawing board, in the making, where we can get security by run- 
ning two systems simultaneously and one of them is a false system, 
which would give misleading information if they were to break into 
it and crack it, and the other one, of course, would be a little bit 
more secure, and they will not know which one to be cracking into. 

Have you heard anything in that area going down in that field? 

Mr. Kundra. Sure. In security, there is this concept of honey 
pots, essentially. What they are designed to do is create an envi- 
ronment where hackers come in and are caught because they are 
attacking the wrong systems. And that allows the government to 
become smarter about the types of attacks, what is going on, and 
how to confront some of those realities. But at a macro level, there 
is a trend, obviously, as we move to the digital world, whether that 
is our transportation infrastructure, whether that is our health in- 
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frastructure, whether we are looking automation in general, as 
more and more processes move to the digital world, we need to en- 
sure that we are moving forward in a responsible way to safeguard 
those systems and at the same time, as you suggested, ensure that 
we are ever vigilant when it comes to information security. 

Senator Burris. Because you are in Homeland Security where 
some information is going to be pretty vital in what you are doing, 
and I would imagine that would be certainly a source for the hack- 
ers to get into your system, not only Defense or not only the FBI 
or Justice, where they are trying to get some of our secrets, but t^- 
ing to know what type of plans we have. We would certainly be in- 
terested in — I was just hoping as you all start doing your planning 
and budgeting that you all start looking — do you have any honey 
pots in your operation? 

Mr. Kundra. I cannot speak to the security posture, but what I 
can say is that is one of the reasons the President moved forward 
in the very beginning of this Administration with that 60-day re- 
view because we recognize how important security is and how vital 
it is, especially as we move forward into the digital world with all 
these business processes that we were talking absent. 

Senator Burris. Thank you, Mr. Chairman. I might have an- 
other round if you have another round. 

Senator Carper. I am just going to ask maybe one quick ques- 
tion. 

Let us say later tonight folks are coming home from work, or 
whatever, and they turn on their television and they are surfing 
the channels, and they come across this hearing on C-SPAN, and 
you are testifying. And people say, “I wonder what he really does,” 
maybe someone who does not have much of an in-depth under- 
standing of these issues, and most of us who serve here are, to 
some extent, lay people, with a few exceptions. But for folks who 
might be tuning in late, and they say, “What does this fellow do, 
anyway?” A lot of times people ask, especially young people, when 
I go to schools and have town hall meetings, I do them in colleges 
and universities all the way down to elementary school. We usually 
start with the fourth grade because that is when kids in our State 
learn about the Constitution and the three branches of government 
and so forth. 

But one of the questions that is often asked of me, especially by 
young people, is, “What do you do, anyway?” And I always ex- 
plained that, “Well, my job is to help make the rules for our coun- 
try, and that I work with people like Senator Burris and the Presi- 
dent and the Vice President and other colleagues, and our job is 
to help make the rules for our country, just like you have rules in 
your school, in your homes, and so forth.” 

But if someone was able to call in and ask one of these questions 
over the Internet or something and say, “Well, what do you do any- 
way?” How would you explain it so that most American people 
could understand? 

Mr. Kundra. Sure. One way I would put it is that I do three 
basic things. One is to make sure that your government is using 
technology so that you are receiving better services. In the same 
way that you can go on Amazon and buy a book or you can go on 
Facebook and socialize, we want to make sure that we introduce 
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efficiencies within the government so that you are able to leverage 
technology. 

Second is standing for you, the taxpayer, ensuring that your gov- 
ernment is spending money wisely when it comes to investing in 
technology. 

And third is looking at how can the government work differently. 
Even though we have been organized in the physical world in cer- 
tain ways, how can we use technology to do things differently in 
the Federal Government? In the same way from an average citi- 
zen’s perspective, as your life has changed from a personal perspec- 
tive from using the cell phone to E-mail to social networks now, 
how do we ensure that your government is doing the same thing 
and is moving forward to serve you better? 

Senator Carper. Very good answer. 

Senator Burris. Did you ask about tweetering? What is it, 
tweeting? 

Mr. Kundra. Twitter. 

Senator Burris. Is that what you also do in that. Twittering? 

Senator Carper. He was Twittering while I was asking ques- 
tions. He is pretty good. No, not really. But I noticed our next 
panel of witnesses were. We will find out more about that later. 

Anything else you want to add. Senator Burris? Is that it? 

Senator Burris. Yes. 

Senator Carper. OK. Anything else you would like to say before 
you leave? I would ask you, if your schedule allows, to stick around 
for a while during at least a part of the second panel’s presen- 
tation, I think that would be great. Sometimes people feel like the 
Administration people need to run right out of here, and sometimes 
I think they would benefit by sticking around for a little bit. So if 
your schedule allows you to do that, please do for a while. Thank 
you. 

Mr. Kundra. Thank you. Senator. 

Senator Carper. And thanks so much. I am sure some of my col- 
leagues will have questions for the record, and I would just ask 
that you respond to those in a prompt way. Thanks very much. 

Mr. Kundra. Thank you. Senator. 

Senator Carper. And good luck. 

I would ask our second panel of witnesses to come on up and join 
us, and as they approach the witness table, I am going to go ahead 
and make some introductory comments. 

Our first introduction will be for Dave Powner, Director of Infor- 
mation Technology Management at the Government Accountability 
Office — a person we have never seen here in this Subcommittee 
hearing before. Actually, we see him a lot. And I said to Erik Hop- 
kins, who is the principal staff person on the Subcommittee, that 
if we had to pay you and Karen Evans in the last Congress for 
every time you appeared before us, that would run up the Federal 
deficit even higher. 

But in the private sector, Mr. Powner has held a number of exec- 
utive level position in the telecommunications industry. He has 
been instrumental in helping this Subcommittee to provide over- 
sight of risky IT investments. And I know that Mr. Powner has ap- 
peared before us on any number of occasions, but I want to thank 
him again for taking time to come today and to be with us. 
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Our next witness is Karen Evans. Ms. Evans is the former Ad- 
ministrator of the Office of Electronic Government and Information 
Technology at the Office of Management and Budget. Ms. Evans 
previously held Mr. Kundra’s position and oversaw the implemen- 
tation of IT throughout the Federal Government, including capital 
planning and investment control. She is a 20-year veteran of gov- 
ernment service — I think I once commented that she started at the 
age of 12, but a 20-year veteran of government service who has tes- 
tified before this Subcommittee on a number of occasions, and we 
are delighted to have you before us. Thank you for joining us. 

I will just ask ahead of time: Is there life after government? You 
do not have to answer it now, but we will make sure that you have 
a chance here in just a minute. 

Our final witness is Phil Bond, the President of TechAmerica, 
which is one of the broadest U.S. technology associations rep- 
resenting some of America’s most prolific IT companies such as 
Google and Microsoft. Mr. Bond has served in both the private and 
the public sectors, serving as Under Secretary of Technology in the 
U.S. Department of Commerce from 2001, I think — was it 2003? 

Mr. Bond. No, 2004. 

Senator Carper. He also served within the Department of De- 
fense from 1992 to 1999. What did you do in the Department of De- 
fense? 

Mr. Bond. Office of Legislative Affairs for the Secretary. 

Senator Carper. All right. I would like to recognize, first of all, 
Mr. Powner for his statement, and I would ask him and Ms. Evans 
and Mr. Bond to try to keep your statements close to 5 minutes, 
and if you get much beyond that, I will rein you in. But we will 
let it go by a little bit. 

Thank you. Your whole statement will be made a part of the 
record, and I understand you may have oral statements that abbre- 
viate those written statements, but the full statement will be made 
a part of the record. 

Mr. Powner, you are our lead-off witness. Welcome. Nice to see 
you back. 

TESTIMONY OF DAVID A. POWNER, i DIRECTOR, INFORMATION 

TECHNOLOGY ISSUES, U.S. GOVERNMENT ACCOUNTABILITY 

OFFICE 

Mr. Powner. Good seeing you. Chairman Carper, Senator Burris, 
we appreciate the opportunity to testify this afternoon. As re- 
quested, Mr. Chairman, my testimony will focus on OMB’s over- 
sight and transparency of Federal IT projects. 

Mr. Chairman, I would like to thank you and your staff for your 
in-depth oversight you performed over the past several years of 
Federal IT projects. Much progress was made with your oversight 
and Ms. Evans’ leadership and cooperation. That included improve- 
ments in the accuracy and reliability of project business cases, bet- 
ter project planning through the management watch list process, 
identifying high-risk projects with performance shortfalls, and 
using project management tools to better manage cost and schedule 
performance and to oversee contractors. 


^The prepared statement of Mr. Powner appears in the Appendix on page 46. 
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Despite these improvements, many serious problems still exist. 
Many projects are nowhere near their cost and schedule and per- 
formance goals. Every hearing you have held, Mr. Chairman, high- 
lighted hundreds of projects totaling billions of dollars that were at 
risk. And if we had updated information for today’s hearing, I am 
fairly certain that things would not change. 

Transparency of these problems also remains an issue given the 
limited number of high-risk projects that have historically reported 
cost and schedule variance problems. We have too many unquali- 
fied project managers and a lack of engineers and architects on the 
government side. Many IT projects lack basic project management 
discipline. Far too often, the government does not adequately de- 
fine what it wants, manage risk, nor does it oversee and scrutinize 
underperforming contractors. Projects proceed forward with unclear 
baselines and with inaccurate cost and schedule estimates. Project 
business cases and justifications are too much of a paper exercise 
and involve contractors too much, and executives, including CIOs, 
are not always engaged in oversight. 

Given these issues, the new Administration needs to bolster the 
IT workforce, namely, qualified project managers, engineers and 
architects. The Administration needs to have CIOs act like CIOs 
where they have the appropriate authority and accountability. The 
Administration needs to streamline the business case process 
where it is less of a writing exercise. The Administration needs to 
improve governmentwide project management discipline by focus- 
ing on defining requirements well, aggressively managing risks, not 
allowing contractors to be in charge, and using proven tools to bet- 
ter manage cost, schedule, and performance. 

The Administration also needs to better monitor cost and sched- 
ule performance at both the department and agency executive level 
and from the Executive Office of the President for all major IT 
projects. This could be done by leveraging the existing Management 
Watch List and high-risk processes. I would like to stress that 
0MB needs to decide on its oversight approach and promptly im- 
plement it. 

As we have just heard, Mr. Kundra clearly knows the issues, but 
it is unclear what approaches will be used to address them. 

Last, the Administration needs to highlight and swiftly resolve 
major cost and schedule performance issues or deviations by mak- 
ing key executives accountable along with project managers. 

In summary, Mr. Chairman, knowing what to fix is the first step, 
and we would not have this information without your leadership 
and oversight. Thank you. We look forward to working with you 
and the new Administration as they roll out their oversight proc- 
esses. I would like to highlight the need to build off of the progress 
over the past several years to ensure that American taxpayers are 
getting the right return on the $70 billion investment the govern- 
ment is currently spending. 

I would be pleased to respond to questions. 

Senator Carper. We will have some in just a few minutes. 
Thank you for being here. Thanks for your testimony again and 
again. You are the gift that keeps on giving, so we are grateful for 
that. 

Ms. Evans, please proceed. 
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TESTIMONY OF KAREN S. EVANS, ^ FORMER ADMINISTRATOR, 

OFFICE OF ELECTRONIC GOVERNMENT AND INFORMATION 

TECHNOLOGY, OFFICE OF MANAGEMENT AND BUDGET 

Ms. Evans. Good afternoon, Mr. Chairman and Members of the 
Subcommittee. I am pleased to be invited back to share my views 
on “Government 2.0: Advancing America into the 21st Century and 
a Digital Future.” My written testimony includes challenges facing 
the Federal Government and recommendations to meet the expec- 
tations of society, especially today’s generation, which has grown 
up in a networked, collaborative world. Simply put, Mr. Chairman, 
the text message generation is not going to accept a carbon paper 
government. 

I would like to focus my remarks specifically on information chal- 
lenges and cost-effective information technology systems, but first 
I would like to commend the Office of Management and Budget for 
again partnering with the National Academy for Public Adminis- 
tration. In October 2008, 0MB and the CIO Council partnered with 
NAPA to hold the National Dialogue on Health IT and Privacy. 
Starting yesterday, NAPA is hosting a dialogue with the American 
people to address how the Recovery.gov website can be useful to 
the citizens. 

Innovations will happen organically as today’s young people who 
are growing up in a collaborative world move into the Federal 
workforce, but there will be cases where Congress will have an op- 
portunity to break down some of the barriers for the Federal Gov- 
ernment through authorization or appropriation or oversight. For 
example, the Paperwork Reduction Act, which was intended to re- 
duce the burden of collecting information from the public, effec- 
tively prevents agencies from gathering feedback or user-generated 
content online. Adding a website survey requires an approval proc- 
ess which includes a public comment period. So it is a Catcli-22. 
We have to ask the public to comment on whether the government 
can ask for comments. 

Currently, there are two provisions in appropriations law which 
prohibit agencies from competitively procuring IT systems from 
shared service centers, and the use of persistent cookies on Federal 
websites disables a wide range of Web 2.0 applications. If Congress 
wants to move the government into a Web 2.0 world, these laws, 
regulations, and procurement rules will need to be rewritten. 

Congress, GAO, 0MB, and Federal agencies have focused a con- 
siderable amount of time and effort on ensuring investments in IT 
are selected wisely, managed effectively, and delivered successfully, 
and yet agencies continue to struggle. The disciplines of capital 
planning and investment management are insufficient to fully ad- 
dress today’s IT investigation challenges. 0MB and agency heads 
alike would be well served if agencies could provide a composite 
view of their IT program, a road map of prioritizing their system 
investments which maps to the agency’s strategic plan. To do this, 
agencies should bolster the role of department-level CIOs beyond a 
mere pass-through of business cases to 0MB. They should equip 
and empower the CIO to provide meaningful investment analysis, 
strategy, and oversight, and not to continue to allow component 


^The prepared statement of Ms. Evans appears in the Appendix on page 60. 
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agencies to disregard departmental policy and direction by invest- 
ing in IT independently of the department or the governmentwide 
strategy. 

Earned Value Management (EVM) is often touted as the magic 
bullet solution to project management cost and overruns. This is 
not necessarily my experience. EVM is an industrial-strength solu- 
tion for managing large-scale systems development efforts. It is not 
well suited or intended for small and medium-size projects. How- 
ever, I do believe all IT investments should be held accountable for 
managing their cost, schedule, and performance on a routine basis 
perhaps using an Earned Value Management or Earned Value 
Management-lite tracking system. 

Too much emphasis is being put on to adhere to the “original,” 
“programmatic,” “performance measurement,” or “current” baseline 
reporting. Rather, we should actively engage in risk awareness and 
management, and we should apply strategies to invest in less 
large-scale, long-term, and perhaps grandiose systems development 
efforts. 

When addressing the 21st Century Government, we should build 
on the foundation in place. In 2004, GAO identified 13 major areas 
of responsibilities for CIOs, whether they were statutory require- 
ments or critical to effective information and IT management. 
Whereas people commonly associate the CIOs with computers and 
information technology, a review of these 13 responsibilities makes 
it clear a CIO manages the information. And to be successful, the 
CIO must address all of them, from privacy and security to records 
management. They should not and cannot pick and choose which 
ones they will address, but they need to ensure they address them 
all. 

Mr. Chairman and Members of the Subcommittee, this concludes 
my statement, and thank you again for the opportunity to appear 
before the Subcommittee. I would be pleased to answer questions 
at the appropriate time. 

Senator Carper. Thank you, ma’am. Thanks very much for your 
testimony and for being with us again today. 

Mr. Bond. 

TESTIMONY OF PHILLIP J. BOND,i PRESIDENT, TECHAMERICA 

Mr. Bond. Thank you, Mr. Chairman and Senator Burris. It is 
a pleasure for me to be with you. I want to thank you for the op- 
portunity to talk about how government can use new Web 2.0 tech- 
nologies and management practices. 

With over 1,500 member companies, TechAmerica is the largest 
advocacy organization for the technology community, with 17 re- 
gional offices and affiliates in most States, including. Senator 
Burris, a regional office in Chicago, I wanted you to know. We are 
happy to testify here today because we fundamentally believe that 
the government has a very important role to play in spurring fur- 
ther innovation in, and adoption of, Web 2.0 technologies. And as 
we look around the world, we sometimes see other governments 
leading the way in spurring this innovation — innovation in a dig- 


^The prepared statement of Mr. Bond appears in the Appendix on page 69. 
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ital world that was largely created here in the United States. Let 
me give you three quick examples. 

New Zealand has launched an “e-initiatives” wiki, meaning that 
people can comment there, which replaced an older and static 
model for tracking progress of their e-government initiatives. 

As of April 24 , almost half a million people are following the 
daily activities of the U.K. Prime Minister on Twitter. There is 
Twitter for you. Senator Burris. 

And Sweden has opened a virtual embassy on Second Life. 

Here in the United States, we see many States and localities 
moving along this front. Certainly Vivek Kundra led some of those 
in the District of Columbia. 

Nearby in the Commonwealth of Virginia, they have RSS feeds 
for 34 different kinds of information, including local news, employ- 
ment opportunities, and legislative information. Many of the Vir- 
ginia State Government agencies post videos directly onto 
YouTube. 

Similarly, the State of California Franchise Tax Board has used 
YouTube as a venue to put videos out explaining tax regulations. 

Recently, with the flooding of the Red River, citizens across the 
North and South were able to share information directly with one 
another, uploading videos and other real-time information using 
web and video blogs and social networking. 

In Los Angeles, first responders there have used Twitter and 
Google Earth to plan and allocate resources in responding to 
wildfires there last year. 

There are Federal examples, to be sure. FEMA and NASA, 
among others, use Second Life. CDC has launched a swine flu in- 
formation piece on Twitter. GSA has an important new agreement 
with Facebook, making that available to agencies. But the embrac- 
ing of these is often slower and hindered, as Ms. Evans just re- 
ferred to, by older regulations. 

Our observation among our companies is that the Web 2.0 phe- 
nomenon is growing. It will create jobs and economic growth, and 
it is one of the reasons our economy has traditionally been so dy- 
namic. But to fully realize the potential, we believe America needs 
to recognize the following: 

First, our Nation’s lead in technology and innovation is slipping. 
The world is getting more competitive. 

Second, we do need more people with access to broadband serv- 
ices, whether on the wire or wirelessly. 

There are also, we believe, insufficient identity management poli- 
cies so that government can know the person is who they say they 
are. 

And then we would also point out, as Senator Burris and the 
Chairman both have pointed out today, that legitimate, very legiti- 
mate information security concerns, cyber security concerns, can be 
sometimes seen as an impediment or a reason not to adopt some 
2.0 technology. 

By the way, we also believe that a smart government cyber secu- 
rity strategy can address those concerns and hasten the deploy- 
ment of 2.0 technologies. 

There are some challenges specific to the government I would 
like to mention. The Federal IT budget and uncertainty of that or 
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government by CR is certainly one problem. Some Federal procure- 
ment laws and regulations and acquisition practices we believe, 
frankly, do not allow agencies to keep up with the latest tech- 
nology. They are often a generation behind. Outdated systems and 
disparate infrastructures render them unable to use some of the 
latest technologies that are available through social networking ca- 
pabilities. And last, and certainly not least, here I want to mention 
something that Mr. Powner mentioned, which is the shorthanded 
procurement corps. The professional procurement corps of the Fed- 
eral Government is dramatically shorthanded, and many of them 
will be retiring. 

So we would like to put forward the following recommendations, 
some of which have already been made by the Federal web man- 
agers last year. 

One, the Administration should require software and social net- 
working strategies from the different agencies. 

Second, we believe that 0MB and 0PM should update Federal 
guidance to individual users and the agencies on the use of social 
networks and the software involved there. 

We believe Congress and the Administration should consider al- 
lowing a percentage of the savings from successful technology 
projects to be available for the enterprise- wide challenge that the 
CIO Council and others have identified because that kind of fund- 
ing is sometimes very hard to get. 

And, finally, we believe that the GSA example with Facebook, a 
single set of terms and agreements that can apply to other agen- 
cies, is the kind of model that the Administration should look at 
for all social media and social networking that is out there. 

So, with that, Mr. Chairman, let me again join the others in com- 
mending you and the Subcommittee for this important hearing and 
subject, and thank you for the opportunity. I look forward to any 
questions. 

Senator Carper. Thank you, Mr. Bond. 

Mr. Kundra has been good enough to stay with us. I think I see 
him in the audience still. And while he is still here, not to embar- 
rass him or anybody else, but really to try to get some advice or 
counsel or guidance from this panel to a new Administration, the 
point person of a new Administration, let me just ask — maybe start 
with Mr. Powner — what you heard in Mr. Kundra’s presentation 
that you found was especially encouraging. And if you have any ad- 
vice to him in his new responsibilities, for him and the team he 
will be leading in this Administration, what advice might you have 
for him? 

Mr. Powner. Well, I think clearly the use of Internet-based ap- 
plications and the Internet to provide services to citizens, that is 
a great approach, and we need to move forward with that. In fact, 
Mr. Chairman, we have had several hearings — the Census Bureau, 
that is one that comes to mind, where we could more effectively use 
the Internet to conduct the census. So that is one good example 
right there. 

So all that is, I think, pushing the ball forward and using the 
technologies that are out there to provide services to citizens. 

I think the one thing, though, that is the real challenge is getting 
our arms around the $71 billion and the problems we have had 
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with cost and schedule delivery, getting the right governance proc- 
esses in place. Whether it is extending what Ms. Evans has done 
with the watch list and high-risk list, or creating a new dashboard 
that was mentioned, that is going to be real important to make 
sure that we wisely spend the American taxpayers’ dollars. 

Senator Carper. All right. Thank you. 

Ms. Evans, I believe Mr. Kundra is your successor. Is that a fair 
statement? 

Ms. Evans. Yes, sir. 

Senator Carper. I do not know if you have the opportunity to do 
turnover. When I turned over the State of Delaware to a new gov- 
ernor, she had been our Lieutenant Governor and there was not a 
great deal of need for turnover. But when I succeeded Mike Cas- 
tle — he became Congressman, I became governor in 1993 — there 
was a lot of turnover, and it was very helpful to me. But when I 
was in the Navy, we used to actually turn over almost like a log 
from one squadron to the other, from one ship to the other, and we 
called it a “turnover log.” 

But what kind of opportunities for turnover do you have from 
one Administration to the next? And what have you been able to 
do here? What did you hear from Mr. Kundra that you are espe- 
cially encouraged by? And what advice or counsel would you have 
for him and his team going forward? 

Ms. Evans. Well, I was encouraged by the priorities of the Ad- 
ministration and the idea and the focus on transparency of the 
data that the Administration is embracing and the use and 
leveraging of existing technologies so that the government is not 
reinventing the wheel over and over again, but leverages what is 
already out there, and bring those services in. 

What we did, the Bush Administration going out, is very similar 
to what you described. We were tasked by President Bush to make 
sure that the transition went as smooth as possible. I probably left 
too many turnover documents for my successor, but he has a great 
team behind him. 

Senator Carper. I am looking to see if he is nodding his head. 
[Laughter.] 

He has a poker face right now. 

Ms. Evans. And I left several boxes with several notes and all 
hearings and what all were the outstanding issues. And it is kind 
of liberating to be here as a private citizen, so I will say that the 
VLJE-IT Tool was put up in response to several of the hearings that 
were here to get transparency into the $71 billion. So I am ex- 
tremely excited about Mr. Kundra and what he is talking about, 
taking it to the next level and rationalizing those investments so 
that they really will produce the results that we need so that those 
programs are successful. 

Senator Carper. All right. Thank you. 

Mr. Bond, what did you hear from Mr. Kundra that you were es- 
pecially encouraged by? And what advice do you have for him? 

Mr. Bond. Yes, very encouraged, Mr. Chairman. I think there is 
a high level of excitement about his appointment and some of the 
others, folks who really, as we say in the tech sector, “get it.” It 
is clearly a top-tier issue for this Administration, which is welcome 
indeed. 
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In fact, I think one of the reasons they are so encouraged, too — 
not that Karen did not do this, but they are certainly putting in 
the hours. Mr. Kundra met with a cross-section of the tech sector 
last Saturday, which I think is a bit unique to extend his working 
hours in that way. 

I would offer three things, and this may be a bit redundant, and 
pardon the alliteration, but I would say people, procurement, and 
policy. About a third 

Senator Carper. Alliteration is good. 

Mr. Bond. Alliteration is good and memorable, right. People, 
about a third of the Federal employees on board at the end of 2007 
are due to retire by 2012. 

Senator Carper. Say that number again? 

Mr. Bond. One-third of those on board — I am citing GAO here, 
so I am sure it is accurate. One-third of those on board at the end 
of 2007 are eligible to retire by 2012, and that, again, to this pro- 
fessional procurement corps, could be very critical. 

Second, in terms of procurement, we believe that some of the 
milestones and benchmarks built into the procurement process, 
often built in for weapons systems and other large purchases, do 
not necessarily apply and can slow down the process for an inher- 
ently commercial product, like software or other applications. And 
so we would urge a look at that. 

Then on policy, this really is an allusion to cyber security, which 
undergirds all of this and must be a common denominator, and as 
he said, kind of inciting the innovative capability of the American 
people to be part of the process. 

Senator Carper. All right. Thank you for those comments. 

I am going to withhold any further questions at this moment and 
yield to Senator Burris and then maybe come back for some addi- 
tional follow-up questions. 

Senator Burris. 

Senator Burris. Thank you, Mr. Chairman. 

Mr. Bond, please clarify for me, are you a private contractor? Are 
you an adviser? 

Mr. Bond. We are a trade association. Senator Burris. 

Senator Burris. Oh, you are a trade association. 

Mr. Bond. Correct. Right. 

Senator Burris. So you do not have any contract with Federal 
agencies currently? 

Mr. Bond. Correct. We are all private sector members. 

Senator Burris. And, Mr. Powner, you mentioned several issues. 
I do not want to ask you to repeat your testimony, but I was just 
hearing so many problems that you were outlining in order to go 
forward. Would you pick out one or two of those again? 

Mr. Powner. I think you could summarize the Federal IT prob- 
lems probably in three buckets: 

One, is people. That includes leadership and down to the detailed 
workforce where we are looking at program managers, engineers, 
and architects. We do not have enough good folks in those positions 
across the board, and that is why it is so difficult to oversee these 
contracts. We see it time and time again. So, one, it is people. 

Two, it is processes. Do we have the right processes? I think Mr. 
Kundra mentioned about not defining well what we want. Require- 
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ments definition and management on Federal IT projects is poor 
with many of these projects and the root cause for why many of 
them fail. 

And then, I think, third is many times we do not hold executives 
accountable from the CIOs to the agency heads. We blame project 
managers and program managers when problems occur. 

So it is people, processes, and governance. 

Senator Burris. And this has been going on, I assume, for some 
time for it to get to the position where there is a critical mass of 
problems. 

Mr. PowNER. Well, we have made strides. Ms. Evans, in her posi- 
tion, did an annual assessment of the workforce and attempted to 
shorten those gaps that we had. And there has been progress in 
some of those areas, but there is still a ways to go in all three. 

Senator Burris. Mr. Bond. 

Mr. Bond. I just wanted to throw out one additional point there 
in regards to people, and that is this observation: It is very hard 
for those folks who make their full-time living in the technology 
sector to stay abreast of all the changes, and so one of the great 
needs, we believe, is training resources for those folks in the Fed- 
eral Government, because the change is coming so rapidly on so 
many fronts, it requires some real training to stay abreast of all 
that. 

Senator Burris. I wish you could see my notes up here, Mr. 
Bond. You just touched right on my notes, because I am saying: 
One, are the staff persons getting the proper training? Two, are we 
keeping up with the equipment, the hardware that would allow 
them to operate? Or is it antiquated? Because it is changing so 
fast. I remember carrying a BlackBerry this big, and my son looked 
at me and said, “Dad, you got a Model T Ford there. Why don’t you 
get a Razor?” — or something he told me to get. And it is happening. 
I assume it is happening also in the government with these pro- 
grams, and this hardware is coming out for us to use. Is this be- 
cause the manufacturers or the industry is driving this new tech- 
nology so that we can get rid of it and make some more money and 
get some new equipment in? How are you going to keep up with 
it? 

Mr. Bond. I am sure the other experts here will have some com- 
ments on that. 

Senator Burris. Please. Feel free to comment. 

Mr. Bond. I would say what drives the innovation is the global 
competition, and we should thank our lucky stars that we are the 
most innovative economy on the planet, but that does create a non- 
stop environment of change, which is a challenge. 

Senator Burris. Ms. Evans, do you want to comment, please? 

Ms. Evans. Well, some of what you are describing actually gets 
back to requirements definition, and you do not necessarily want 
to have technology for technology’s sake, but we all use Black- 
Berrys, we all use cell phones and those types of things. And it gets 
back a lot to what Mr. Bond is saying is the procurement issues. 

The life cycle of investments in the Federal Government, they av- 
erage 3 to 5 years. They make sure that they have operations and 
maintenance, and they do 3 to 5 years because it takes that long 
in order to be able to put through a competitive contract that goes 
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out there and adheres to all the Federal procurement rules. And 
when you step hack even further, you have to work with procure- 
ment staff, and there are not a lot of procurement staff there. So 
you have to get in line with your procurement requirements along 
with all the mission ones that have to do things that have already 
been mentioned, like the virtual fence and those types of mission- 
specific things or putting things up in order to deal with a pan- 
demic, like what we are talking about today. And so they have to 
prioritize what their procurements are. 

So the IT people a lot of times, their investments go down be- 
cause the idea is if it is not broken, then do not fix it because we 
had such a terrible time the last time you transitioned us over to 
a new technology. 

So the agencies have a tendency not to introduce widespread up- 
grades but phase them in for a multitude of reasons. 

Senator Burris. Not only transitioning into new technology, but 
how about transitioning to a new Administration. Like you said, 
you just left your position, and the question — are there some major 
programs that were good that you were working on that have not 
really been complete, and the incoming Administration can pick up 
on those programs and complete them so there would be a con- 
tinuity there, and as the continuity comes with the updated or 
modern hardware and technology come with the continuity? Is that 
the best that should happen or is supposed to be happening? 

Ms. Evans. That would be the best that would happen, and I 
would like to highlight an example of that going on right now. 

For example, Grants.gov, that is one-stop shopping for all grant- 
ees to know where all the opportunities are for the Federal Govern- 
ment. When the stimulus bill was passed, that grew exponentially. 
So this Administration now is stepping back because of where that 
particular technology solution was and looking not only at the busi- 
ness requirements but the technology itself so that they can lever- 
age it and expand it out and deal with the growth really fast and 
upgrade all the hardware and all the capabilities that are there. 
And that is what they are in the process of doing now. 

Senator Burris. I hear something else, too, Ms. Evans, that we 
are changing the laws probably so fast that technology is not keep- 
ing up with Congress. Am I hearing that 

Ms. Evans. Well, that particular one, but I would suggest that 
there are others that have not changed since 1946. 

Senator Burris. OK. 

Ms. Evans. That would help with moving some of this 

Senator Burris. We should change some laws 

Ms. Evans. There are some that you may want to consider that 
could really help this. 

Senator Burris. To really bring us into the 21st Century. 

Ms. Evans. Yes, sir. 

Senator Burris. And that would be — what is that, 2.2 or 

Ms. Evans. Well, one, I highlighted it in my written testimony, 
but it deals with the Administrative Procedures Act, and that real- 
ly governs how the Federal Government does all its rulemaking. 
And if we really want to move into a transparent process — and so 
even when you talk about Twitter, if a Federal Government em- 
ployee does that as it relates to a rule, there is a whole bunch of 
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procedures that then go into place that they just cannot go on Twit- 
ter and start tweeting with the public about a rule. And they 
should be able to. They should be able to do some of that so that 
you can get a rule out faster so that you can respond to legislation 
that is immediate, like the stimulus bill. 

Senator Burris. My time is up, Mr. Chairman, but I certainly 
have some more questions. But I will not bore the panel with 
my 

Senator Carper. You are not boring them. They are sitting on 
the edge of their seats. I can see from right here. 

Mr. Powner, I know you have testified before our Subcommittee 
on several occasions on exactly this topic, and you stated before 
that 0MB needs to improve its oversight and its management of 
IT spending within agencies. You have been very consistent with 
that. You alluded to this a little bit earlier in the first round, but 
let me just ask you again. What are your thoughts on the Adminis- 
tration’s priorities in this area? And do you believe that their prior- 
ities will help make agencies more efficient, more responsive? 

Mr. Powner. Well, clearly, transparency and using the tech- 
nologies to provide better service to citizens, that is great. I think 
when you look at the management and oversight, OMB’s respon- 
sibilities tie back to the Clinger-Cohen Act to track, analyze this 
investment that we are spending on $71 billion. There are three 
things we need to do. 

One is we need to start with adequate justification where we 
have a business case that justifies the investments. We currently 
have a business case, frankly, that has gotten a little bit unwieldy. 
It is rather excessive. We need to streamline that and make sure 
that we have an adequate business case that every investment is 
justified. 

Second, we need to shine a spotlight on the problems that we 
have, and I think the watch list and high-risk project watch list 
were steps in the right direction, but we can actually take that to 
the next level. We can do that for all major IT projects. We can be 
more transparent with the shortfalls associated with high-risk 
projects that are reporting performance problems. 

And then third — and this was the subject of a hearing we had 
last summer, Mr. Chairman — is we now need to focus on fixing the 
problem, tackling the root causes on why we have so many troubled 
projects, whether it is people, whether it is processes and those 
things. I can tell you right now that based on all the work we have 
done for you and the data that Ms. Evans has, we can go right 
down the list. Requirements definition is poor. We do not manage 
risk well. We do not oversee contractors well. We know where there 
are a lot of pain points that we can improve going forward. 

Senator Carper. Say that again? We do not oversee contractors 
well. Is that one of the points you made? 

Mr. Powner. Correct. 

Senator Carper. And is it because in some cases the people that 
we have on board, they are a part of the Federal Government team 
whose responsibilities include overseeing the contractors, they may 
not have the experience or the breadth of training or under- 
standing to be able to do that well? 



28 


Mr. POWNER. It is both. I think it is training and expertise to do 
that well, and sometimes there is just too much faith placed in con- 
tractors. I will give you an example. We have talked about these 
Earned Value Management reports. So all contractors are to pro- 
vide those to the Federal Government on every project to see 
whether we have problems with cost and schedule performance. 

There are some agencies we go into and ask the agencies for 
those reports, and it takes 3 or 4 months for the agencies to get 
us those reports. And I question whether they actually have had 
them all along. I mean, that is a core contract management over- 
sight technique that is not being utilized. It is something you re- 
quired back in 2005. 

Senator Carper. Why do you suppose it is not being utilized? 

Mr. PowNER. I will let Ms. Evans respond to that. A couple 
things. There is a reluctance to lean on contractors, and sometimes 
the government is flying blind. We do not realize that we have got 
cost and schedule performance problems until all of a sudden some- 
one says we have a 30-percent variance. Well, why didn’t we know 
when it was 15 percent and 20 percent? Because we were not 
watching what was going on. 

So, you have times where folks were asleep at the wheel on the 
government side, but then also, too, at times there is a reluctance 
to really lean hard on these contractors. 

Senator Carper. Ms. Evans, why is that? 

Ms. Evans. On all of those issues or a few of those? 

Senator Carper. No, the last one. 

Ms. Evans. Well, I do think that at times it is hard for the gov- 
ernment and the agencies to lean on contractors because if you are 
not clear with your requirements up front and then a conflict oc- 
curs, then there is a traditional dance that the government goes 
through with the contractors. And the contractors will sit there and 
say, “You did not define the requirements,” and the government 
will say, “You never told me.” And we put those two together, and 
then I believe what ends up happening is people are afraid to call 
a spade a spade and say, ‘You are not performing.” 

And so you have to have your documentation in place. You have 
to be a good project managers. And you have to understand the 
tools that are in place. And you have to know — and you said it. You 
plan and you have to have the plan because you have to know 
where you are going. You cannot get there if you do not have the 
plan. 

And, Senator Burris, you brought this up as well, too. Garbage 
in is garbage out. If you do not put the right information or you 
have not taken the thought about what the requirements should 
be, then you are not going to get what you paid for because you 
do not even know what you asked for. And that happens a lot on 
these government contracts, and sometimes it is time because they 
had deadlines that had been promised where they have to publicly 
meet deadlines, and they really believe that they are going to make 
it. But they are not because they did not put the proper planning 
in up front. 

I do believe — and you mentioned in your opening statement that 
you have introduced the bill dealing with the oversight, and some 
of the enhanced authorities and things that you were talking about 
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specifically for the administrator of E-gov, we give 0MB and give 
that administrator the ability to go in, and if you need somebody 
to be the heavy guy, 0MB does it. I mean, I did it when I was in 
0MB, and that is OMB’s role as oversight, to go in and say, “Look, 
that is a legitimate business need, but you are way off course. You 
need to stop and you need to regroup and put together a team and 
really address these weaknesses.” And if transparency to the Hill 
is what needs to be done in order to make sure that happens, then 
that is what needs to be happening because you have the data now; 
you need to move it and push the agencies to the next level of per- 
formance and hold them accountable. And through hearings like 
this, meetings with your staff, producing the information on a reg- 
ular basis will drive that improvement within the agencies. 

Senator Carper. OK. Mr. Bond, I would be interested in your 
comments on this as well, please. 

Mr. Bond. Yes, thank you. Since our association does include a 
number of the leading contractors 

Senator Carper. I understand. 

Mr. Bond [continuing]. Folks who are really household names in 
that space, and I want to assure the Subcommittee that the leading 
executives who work with us at our association absolutely welcome 
robust oversight. Absolutely. But you will hear our companies talk 
about the need for the government to be a good customer, to under- 
stand their requirements and be able to execute, cut down on the 
change orders and other changes that come mid-course. But I think 
sometimes there is a misperception on Capitol Hill or elsewhere 
that there is some shyness about the oversight. In fact, robust over- 
sight we welcome. 

Senator Carper. Just kind of thinking out loud here, I am espe- 
cially mindful, as this new Administration comes in, that we have 
positions that are vacant, in some cases important positions that 
are vacant for an extended period of time. In a number of cases the 
senior people who come in and serve in these leadership positions 
within agencies, they may be in for a year or two. A case in point: 
Census. Dr. Murdoch came in. He served for roughly a year. A new 
Administration comes in, he is gone. He submitted his resignation 
the same day — as I recall, his resignation was effective roughly the 
same day the President and Vice President were sworn in. He had 
been on board for maybe a year or so. I think by most people’s ac- 
count he did a good job, but he is gone. And we have had a vacancy 
since that time, and hopefully we are going to fill that position 
soon. I think we have got a good nominee to come before us shortly. 

But that is just one example, and there are plenty of others. And 
I think maybe that sort of — the way that we bring people into lead- 
ership positions for a relatively short period of time, a year or two, 
they are gone, we have vacancies, sometimes for extended periods 
of time before we fill them again. I think that kind of feeds the lack 
of oversight and supervision and maybe leads to change orders. 
You have a new Administration, you have a new person in who has 
a different set of priorities than the last one. 

We are probably going to try to address it with the Census Direc- 
tor’s position by looking at what happened in the IRS. The IRS 
Commissioner who used to serve basically at the pleasure of the 
President, and now the IRS Commissioner serves a 5-year term. It 
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can go from one Administration to the other, but that person is 
there for an extended period of time. I think there is probably a 
pretty good chance that we will be pushing for a similar kind of 
approach on the Census Director. This idea of literally on the eve 
of a census for us to sort of start and stop all over again is — I think 
it drives this problem, contributes to this problem. You all do not 
have to respond to that. 

I do want to ask one last question, Mr. Powner, and you may 
have said it and I just missed it. But if you had to say what may 
be the first thing that Mr. Kundra should do to improve the man- 
agement of information technology, if you said, “The first thing you 
do, this is what I would do first,” what might that be? 

Mr. Powner. I think there needs to be a clear oversight mecha- 
nism for all 800 major IT projects, whether you extend the watch 
list process, whether you have corollary monthly dashboard, but it 
needs to be real clear, the information that agencies need to report 
to the Office of Management and Budget, and then there needs to 
be aggressive follow-up on that. Because as Ms. Evans has learned 
and all the work we did for you, a lot of stuff that flows up is not 
always completely accurate. You need to have checks and balances 
with IGs and GAO and your hearings. But that is key going for- 
ward because we have too much money on the line. And it is great 
that we have talked about using web-based applications to move 
the ball forward, but we do a lot of amazing things in this country, 
and the majority of that $70 billion is spent on large IT projects 
that we are controlling aircraft, we are putting environmental sat- 
ellites in the air, we are securing our borders, we are making sure 
that the flying public is safe. And those things we are not going 
to do with Internet-based applications. We are going to do it the 
way we have always done it. 

Senator Carper. All right. Thank you. 

Let me yield to Senator Burris. Thank you for your patience. 

Senator Burris. Yes, I have a couple more questions, Mr. Chair- 
man, because the more we talk, the more these questions are pop- 
ping up. 

I am concerned with reference to the contractors. Are there con- 
tracts signed with defined terms and penalties and agreement? Let 
us say if there is a change order that comes through, is that con- 
tract with the Federal Government — since I am new to the Senate 
here. I know in State government how we did it. There were cer- 
tainly defined work orders, but also if there were any change or- 
ders that were needed, there would be a limitation on the change 
orders as to what was really in the specs when we entered the con- 
tract. Are there signed contracts pursuant to, I assume, competitive 
bidding? Or is this a sole-source type of operation? 

Ms. Evans. So the answer would be yes, there are signed con- 
tracts. There are different types of contracts within the Federal 
Government. So there are performance-based contracts; there are 
fixed-price contracts, cost-plus contracts and sole-source contracts. 
They could do sole-source contracts. You have to do it based on the 
need. There is a lot of variance. 

Mr. Kundra talked specifically about fixed price. My preference — 
and if we could go this way — would be performance-based con- 
tracts, which means contractors really do not get paid until the 
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work is done because a lot of times under fixed-price contracts, you 
pay a fixed amount, but if you do not get it for 5 years after the 
due date, that does not do the government any good either. 

And so you are supposed to specify, but if you put a contract in 
place that allows a certain amount of flexibility, it is flexibility on 
both sides, which means that the government needs to be more re- 
sponsible. And as Mr. Bond said, we have to be good customers. 
When you put that contract in place, you really should know what 
you are buying or what you want to buy or what service you want 
to provide, and the idea of how it should work functionally to allow 
innovation and the contractors to propose technical solutions. 

Senator Burris. Pardon me. Do you find that the contractor who 
won that contract might have — that compliance might have its sole 
package, and its package is not as up to date as what was thought, 
and then when you really start halfway down your project, you find 
that the package is not designed — or not going to perform the way 
you thought it would perform, because then this contractor does 
not have any more tools to put into that to make the adjustment 
because he is trying to sell you what his design package is about? 
Has anyone run into that problem? 

Ms. Evans. The answer is yes, that happens. Probably one of the 
better examples — and the FBI will kill me on this one — is they 
were doing their modernization 

Senator Carper. Be careful what you say. They might. [Laugh- 
ter.] 

Ms. Evans. Yes, I know. They might, really. But GAO gave them 
a good report at the end. But probably the best example to hit on 
what you are talking about — there are actually two — is the Sen- 
tinel project. It started out initially as a virtual case file. The busi- 
ness requirement was needed, but what happened was the FBI 
said. Well, I want this, this, and this, and I want these packages, 
because I have looked at them all. And then they did a procure- 
ment. When they brought them together, they did not work to- 
gether, and all the vendors then said, well, it is not really our fault 
because you said you wanted them all to work together. And so 
that project had to stop, and they had spent 100 percent of the 
funds and had less than 10 percent of the functionality. 

So that project stopped, and they went back to, we are not that 
smart like what we thought, we really should go back and say here 
are the business requirements and this is how we want the FBI to 
work 

Senator Burris. Did we have to pay more money for that project? 

Ms. Evans. We had to go back because it was the government 
who said based on the contracts this is what we wanted. We re- 
viewed the contract and everything. And so they did a new procure- 
ment, and this one GAO did review, and the management and the 
oversight and the way that they do change orders and how they 
hold people at bay and say, no, you cannot change — they actually 
have successfully implemented that in the first phase, and they are 
modernizing now. But it was, between the two of them — because 
the government does at times think I know more than what the 
contractor does, so I want this, this, and this product, and then 
they have not done the due diligence to see that they do not test 
together. 
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Senator Burris. One other follow-up question on that line of 
thought. Once they get a project complete and it is up and running, 
servicing that project is done by whom then? Is it done by the con- 
tractor or by the personnel that is on board? And are they up to 
speed on the functionality of that system? 

Ms. Evans. That gets to what Mr. Powner was talking about in 
the business case. When the agency comes forward, they are sup- 
posed to talk about how they do the acquisitions, how they are 
going to procure it, then how they develop it, and then how they 
are going to maintain it. And as it moves through that life cycle, 
0MB is involved in the oversight of that. So some of the things, 
when it moves through and it is operational, and then when you 
look at what the agency has done for its workforce and they do not 
have developers and they do not have the staff on board and they 
say they are going to manage it in-house, 0MB goes. Time out, 
time out. That is not a good strategy. We just did all of these other 
things. How are you actually going to maintain this and manage 
this going into the future? 

And so that is part of the oversight that Mr. Powner is bringing 
up, and that has to be rigorous throughout the life cycle of those 
projects. 

Senator Burris. One last question, and I surely want to get this 
in. Can any of you, the three of you all, discuss America’s stand 
compared to other countries in our use of and reliance on informa- 
tion technology? How are we comparing with the rest of the world 
in terms of our use of information technology? 

Mr. Bond. Yes, let me address that if I can. Senator, and if you 
do not mind, I would like to back up and comment on the other 
question just real quickly. 

Senator Burris. Sure. 

Mr. Bond. I think a straightforward way to think about the dif- 
ferent contracts and arrangements is to realize that the Federal 
Government is spending over $70 billion, and there will be dif- 
ferent circumstances that would call for different kinds of con- 
tracts, and to resist a one-size-fits-all kind of approach. That means 
you have to understand, again, to make that point about training, 
where the technology is going and understand that, gee, now every- 
body is talking about cloud computing, well, that may lend itself 
to more of a managed service contract, which folks often have re- 
sisted. But it is a different innovative new model, and so you have 
to understand that when you are the government buyer and factor 
all that in so that you do not march down a dead-end path, as 

Senator Burris. But, now, that will end up in the information of 
the technology staff, but will that information get up to the deci- 
sionmakers so that the necessary changes can be made in a timely 
fashion? That is a major question. 

Mr. Bond. Right. It is a fast-changing environment for every- 
body. 

Senator Burris. Yes. 

Mr. Bond. On the question of U.S. competitiveness, I think that 
there are — I know that there are a lot of different rankings. OECD 
and others who have rated the United States now as low as 8th 
and 14th in some different ratings. Others still have the United 
States as No. 1 when you consider the innovative capacity of our 



33 


higher education system and research universities and others. It is 
a mixed picture. But what no one would debate is that our lead is 
less than it was and that the rest of the world is catching up. They 
have looked at our models, the use of research universities, tech- 
nology transfer, and other things, and they have tried to mimic it 
where they can. And they have closed the gap. That in some ways 
makes them better customers for us because we are only 5 percent 
of the world’s population, and we want them to be good customers. 
But it has made it more competitive. 

Senator Burris. Now, would some of that be through this cyber 
fraud that they are stealing stuff from us in terms of them catching 
up? 

Mr. Bond. There is no question that economic espionage is a fact 
of life in our world today, and one of our missions at TechAmerica 
is to try to make sure that businesses across the United States un- 
derstand that there really is a threat out there, that people do 
want competitive information. And that means you need the most 
innovative protections out there. 

Senator Burris. Because what I understand from our earlier 
hearing this morning, even our closest allies might be seeking — be- 
cause we have all the goodies here. I mean, everybody is spying or 
trying to steal something from America. 

Mr. Bond. It is tough to be No. 1. 

Senator Burris. You would think that our allies would not be 
doing that, very close countries, but they are looking, I assume, to 
see if they cannot come up with something and get an edge from 
America, or maybe not necessarily on America but some of their 
other competitors in the world. But we are still No. 1 you would 
say, Mr. Bond? 

Mr. Bond. Well, I think we are when you consider all the factors, 
but I think it makes policy all the more important because we 
know they are trying to close the gap, and so if we do not address 
old laws that are slowing us down — because government often does 
spur the innovation, as Vivek Kundra mentioned — if we do not get 
those policies right, the lead will only close. 

Senator Burris. Mr. Chairman, thank you very much. I have to 
run to another meeting. 

Senator Carper. Thank you. Senator. We are just delighted you 
could come by. Thanks for your interesting questions. 

Senator Burris. Thanks to the witnesses. They have been very 
informative to me. I really appreciate that. Being new in the Sen- 
ate and having some of these statewide ideas and bringing them 
to the national scene, the problems are about the same. 

Thank you, Mr. Chairman. 

Senator Carper. Thank you. 

I want to just stick with what Senator Burris was asking there 
just for a moment, kind of going back to our earlier hearing today 
on cyber security where we have countries that are major trading 
partners, major lenders to this country, major holders of our securi- 
ties, major countries in the world, and there is plenty of evidence 
that they are not just involved in trying to access weapons systems, 
complex advanced weapons systems, but also there are elements 
within those countries that are trying to steal intellectual property 
rights. We spend a lot of time here in the Congress trying to figure 
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out how to protect intellectual property rights, and we have had 
enormous dehates actually for a couple of years on patent protec- 
tion, trying to get to a compromise on that. And we find out that 
there are other entities within countries, and some who are pretty 
friendly with us, that are literally coming in and just making a 
joke out of intellectual property rights and patent protection. 

I like baseball — I like sports, but I like baseball, and I sometimes 
think of things in the context of athletic competition, but if you are 
a catcher for a team and you are calling the pitches from your 
pitcher, literally in the full view of a national television audience, 
you signal the pitch that you are going to ask for. And you mix up 
your signals so that no one knows for sure what you are asking for. 
And if you happen to be the third base coach, you might be using 
a whole variety of signals to tell the batter what to do — hold off on 
a pitch, go for a pitch, hit behind a runner, hit a sacrifice fly or 
whatever. That is a very simple notion, but there is a lot of effort 
by the other team to figure out what signal, what is going to be 
the next pitch, what are you telling the batter to do. 

Are we smart enough to be able to use a similar kind of approach 
when somebody is trying to steal the plans for the F-35? Do we 
have the ability to put up so many different options out there, they 
are not really sure which one is the real F-35? That is just one 
simple example. But do we have that capability? I am trying to 
think, how do we play offense, how do we play defense against this 
stuff? Clearly, we need to. We are going to need to be able to do 
it a lot better than we have. 

Mr. Bond, I will start with you, but if anyone else has a 
thought 

Mr. Bond. Sure. I think it is a fundamentally important question 
that goes to our national competitiveness. It is a competition. There 
are folks who would want to steal our intellectual property and 
other advantages that they might be able to secure. 

So I think, first of all, it means that we really do have to take 
advantage of our full innovative capacity because bad guys are in- 
novative and smart. We need to be that much smarter and more 
innovative. 

The good news is that our country has a rich tradition there, and 
I am confident that we can remain ahead. But it does mean that 
you have to be set up to enable and accept that innovation and stay 
ahead of the bad guys. It also means that we have to stand up for 
intellectual property rights all around the world in multilateral 
and bilateral conversations, as I know Administrations have for a 
number of years. Indeed, congressional leaders here, as they travel 
overseas, have done the same. 

So we have to press on all fronts, and I would say that includes 
FISMA reform, which I know is a particular interest of the Chair- 
man’s that we need to strengthen, and then we need to also look 
at cyber security R&D — basic R&D is a mission of government in 
these days — so that the applications and the real development of 
that can be taken by the private sector. And I think there is more 
work for the Federal Government to do in cyber security R&D. 

So those are a few, I think, that we also in our association’s view 
we would be helped by having a real quarterback at the White 
House who is the senior cyber security leader as well. 
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Senator Carper. Thank you. 

Ms. Evans, do you have anything you would want to add on this 
point? 

Ms. Evans. I would like to add a little bit to that because I think 
that this is a place where the Federal Government can really lead 
by example. And so a lot of the things that Mr. Bond is talking 
about are real high-level types of things that are out there dealing 
with the industry as a whole and the government as a whole to 
keep that competitive edge. But there are things — I will give you 
another analogy. This is the same as if you live in a homeowners’ 
group and they are in your group, they 

Senator Carper. You mean like a civic association? 

Ms. Evans. Well, when you talk about your housing development 
and you come in, what happens is if you put up certain things — 
and this is a known fact — that if you put up this house is mon- 
itored, that is a deterrent from people, and they will move to the 
next house to see if it is or if it is not. And so basic types of good 
housekeeping that Federal agencies could do, and I would say in- 
dustry could rise to this occasion by building security right into the 
products. Instead of agencies having to figure out what are the 
right settings, just have those settings already built into the prod- 
ucts because we have been talking about how the workforce needs 
to be bolstered, needs to have these skill sets, needs to be able to 
do these things. And so if you are buying products that are already 
secure and you implement them and you leverage the buying power 
of the Federal Government, which I believe is part of what is in 
the intent for the FISMA reform, that you now raise the level up 
a level and so they may move on to the next company or the next 
government or the next country and say, OK, well, we are going 
to get the information from them. 

But as we move into a more collaborative, networked world, we 
have to be cognizant of where all those doors are. And so if we put 
up the sign first and we say, well, we are monitoring, and we have 
our security alert system, then we will need to take it to the next 
level where, when people knock on my door and it goes off, the po- 
lice come to my house. Well, we would want to take it to the next 
level, and then maybe go to even the next level where you are pre- 
venting things and keeping people out, which may not be kosher, 
so to speak, of your subdivision that should not be there because 
you know that they should not be there because they have bad in- 
tentions. 

Senator Carper. Sitting in your seat this morning at another 
hearing on cyber security, a full Committee hearing, Alan Paller, 
who I am sure you all know, talked again and again, and yet again, 
about the importance of getting it straight right from the start with 
the procurement process. I told him in my business, we try to 
stay — we are given kudos for remaining on message. I said, “Mr. 
Paller, you are definitely on message.” 

Mr. Bond. Yes, I just wanted to add to Ms. Evan’s point about 
building in security from the inside. I think often we think of that 
like a patch or something. You have your system, let’s put a Band- 
aid on it for security. 

Last week, I was out at the world’s largest cyber security show, 
and, indeed, this is exactly the focus of the private sector industry. 
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is building the cyber security in from the very beginning on all 
products so that it is a quantum leap in terms of the level of secu- 
rity. So that is the trend in industry. 

Senator Carper. Good. That is encouraging. 

Mr. Powner, anything you want to add before I ask you one 
more 

Mr. Powner. Yes, just one comment. I know Mr. Kundra men- 
tioned the 60-day review that Melissa Hathaway is currently en- 
gaged in. We have a real need here in this country just to take it 
up to another level. I believe the Federal Government does need to 
lead by example. We have a lot of room for improvement when we 
look at the whole — with FISMA and how the agencies report. But 
we had a structure going back to 1996 in the Clinton Administra- 
tion that we put in place, a public-private partnership arrangement 
because 85 percent of our cyber critical infrastructure is owned by 
the private sector. And we attempted for years to have this govern- 
ment-private partnership, and it has not worked real well, to be 
frank. 

One example, if you go back to Internet recovery, if the Internet 
goes down, there is a requirement on the books that there is a pub- 
lic-private Internet recovery plan. We have never had that. You can 
go back to September 11, 2001, Hurricane Katrina, look at lessons 
learned. We still never put that together. 

So there is a real need to bolster this public-private partnership, 
and hopefully with the 60-day study and any revisions to our na- 
tional strategy — we actually had a pretty good strategy in 2003, a 
national cyber strategy. The problem is we have not implemented 
it well. 

Senator Carper. That is a problem. 

Ms. Evans, in your testimony you spoke to something that is 
near and dear to my heart, and I am sure it is near and dear to 
the hearts of most of the people in this room, and that is, pro- 
tecting our environment. As we know, a lot of the technology that 
we consume includes some fairly hazardous, dangerous “stuff’ that 
can pollute our groundwater when it is thrown away. What more 
do you recommend the Federal Government should do in this area 
that we call, I guess, “green computing”? And are there any pro- 
grams that we maybe want to extend nationally or even inter- 
nationally to try and cut down on this kind of waste? 

Ms. Evans. In particular, the Environmental Protection Agency 
is the executive agent to deal with the disposal of equipment, and 
that is a big problem. And GSA is also involved in the re-use of 
the equipment. So I think a lot of times when the Federal Govern- 
ment buys equipment, the idea of how to dispose of it and where 
it goes actually really does cause a lot of problems, and it is a big 
environmental issue. 

As green IT evolves and EPA continues to lead the way in dem- 
onstrating what that should be, that also, again, could be a place 
where the Federal Government can leverage its requirements and 
say that they are only going to buy equipment that does certain 
types of things because you are looking at the life cycle of that 
equipment and its impact on the environment when you go to dis- 
pose it. 
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So some of those things are the best practices that are currently 
involved in EPA and really should be extended out, and the CIO 
Council I would hope would take a look at that so that they could 
then take those requirements and build them into the procure- 
ments up front and get hardware that would meet that, and then 
it would be easier on the environment to get rid of. 

Senator Carper. Anybody want to react to that comment? 
Please. 

Mr. Bond. Just a couple of points. I think what you have de- 
scribed is a real shift in the whole mind-set of America, if not the 
entire world, about getting more serious about impact on the envi- 
ronment. That sent a strong signal to the leading companies, so 
you will see many of them in the hardware space with their own 
recycling programs, efforts to recycle those specialty metals that 
are built in, and importantly, too, a move to whole new materials 
that are going to be much more environmentally friendly, whether 
it is the casing of the computer or whatever, moving to new mate- 
rials that are, in effect, green. 

Senator Carper. Good. Thanks. I think I have one more question 
that I am going to ask for the record — one more here and then 
maybe a couple more that we will submit for response in the 
record. 

Mr. Bond, back to you. In your testimony, I believe you men- 
tioned several examples where other countries — I think one might 
have been England, I think one might have been Canada — were 
able to successfully use technology to change in some pretty signifi- 
cant ways the way they operated. For example, I think Canada 
uses the Internet for its census. I am told so far it has worked fair- 
ly well. Dr. Coburn and I on this Subcommittee have lamented in 
other hearings with the Census Bureau over the last several years 
our unhappiness with the fact that we are not using the Internet 
and some other technology more extensively during our own cen- 
sus. But can you give us an example or two, such as Canada’s use 
of the Internet for the census, that we might keep in mind for our 
own country? 

Mr. Bond. Yes, certainly, Mr. Chairman. In the case of Canada, 
they have been using the Internet and web-based technologies to 
share some of that data rapidly, and what that does is then makes 
it available for innovative uses by people from the general public. 
This is one of the points that Mr. Kundra was making earlier, that 
you need to be open as a government to the innovative capability 
of the end users. It is not just about the individuals on your pay- 
roll, but the innovation that is out there. And so in that case, not 
only is the data made available, which can have real business im- 
pact in the near term because you know where the market is or 
where people are, but also it allows those people to massage and 
work with the data in new and creative ways that maybe have not 
even occurred to the government of Canada. 

Senator Carper. All right. Anyone else want to comment on this 
particular point? 

Ms. Evans. The one challenge, I think, that we will face — ^be- 
cause during my tenure we met several times, quarterly, with 
many of my counterparts internationally — is the idea of identity 
management, which has already been brought up. The reason why 
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some of these online types of activities with the other countries and 
their services are successful is because they are working on the 
issue and have identified the issue of dealing with identity man- 
agement and putting a solution in place that the citizens trust. And 
here in the United States, we are going to have a challenge with 
identity management, dealing with the privacy aspects of that, and 
then how much information do we really turn over to the govern- 
ment, to the States, to the locals as it relates to me when I am ac- 
quiring services from the Federal Government. 

Senator Carper. OK, fine. This is a time when — I do not always 
do this, but we have a minute or two and I want to do it today, 
just to ask — and we have covered a fair amount of territory here, 
and I am grateful for your being here. I am very grateful for Mr. 
Kundra’s appearance and testimony and responses as well. We will 
have some more questions from our colleagues who were not able 
to join us today and have questions that they will want to submit, 
and I would just ask that you respond to them in a prompt way, 
as you always do. 

But is there anything, any parting comments, any last-minute 
take-aways that you want to say, anything you want to re-empha- 
size maybe that you have already said or you have already heard, 
or maybe something that has not been said that you think should 
be said for the good of the cause? Mr. Powner, anything as we close 
out here? 

Mr. Powner. I think clearly building on — there was a lot Ms. 
Evans did to get the ball rolling, to improve transparency, to 
heighten oversight, and I think we really do need to leverage all 
the good things that occurred with the previous Administration, 
but really take it to the next step. We need a basketball analogy 
here. We need a full court press on the $71 billion. 

Senator Carper. All right. Thank you. 

Ms. Evans, are you going to sit there and take that kind of abuse 
from him? 

Ms. Evans. No, I actually am pleased to be here and be able to 
represent the views of being able to challenge the agencies to go 
to the next level. I think the foundation is there, and I believe this 
is an opportunity. Many times you used to ask, well, what can Con- 
gress do to help? And there are times when there were things that 
I would have liked to have said, so now I said them all in my testi- 
mony, which is I really do think that there is an opportunity where 
Congress can really move the agencies to the next level with ac- 
countability and taking a look at some of the legislation and put- 
ting that in place so that the transparency — so that you have the 
information that can make the agencies — and if you are holding the 
agencies accountable, they will perform. I mean, nobody comes to 
work and wants to do a bad job. They really want to get the re- 
sults. And so if they are being asked over and over again, “What 
are you doing and how are you accomplishing this?” I really do be- 
lieve that they will rise to that level and perform. 

Senator Carper. All right. Thank you. Mr. Bond. 

Mr. Bond. I think I would only express on behalf of our members 
their belief that this is the innovation headquarters of the world, 
and they want to make sure that we get it right, we get the policies 
right and so forth that will enable that to continue. And so on be- 
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half of the association, we are extraordinarily pleased at the open- 
ness of you and your staff and look forward to working with you 
to try to make sure we get it right and keep innovation going here 
in the United States. 

Senator Carper. All right. Well, I think that is a pretty good 
note to close on. We look forward to meeting with you again, and 
thank you again for your participation today. 

With that, this hearing is adjourned. 

[Whereupon, at 4:31 p.m., the Subcommittee was adjourned.] 
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"Government 2.0: Aovawcing America into the 21” Century and a Digitai Futuke" 


Good afternoon, Mr. Chairman and members of the Subcommittee. Thank you for 
inviting me to testify on how the Federal Government can use information technology 
to change the way agencies achieve their missions as well as how information 
technology can enable agencies to spark innovation, interact with citizens more 
effectively, ensure transparency, and reduce energy costs. 


Government 2.0 

To begin, consider the three major revolutions that have fundamentally transformed 
society: the Agricultural Revolution, the Industrial Revolution and the Information 
Revolution. In all cases, a fundamental principle holds: technology is pivotal In driving 
structural change. 

In the Agricultural Revolution stable food production created an environment where a 
person could literally spend their entire life within a 25-mile radius of their birthplace. 
All the means of production and distribution with regards to commerce were limited to 
that 25-mile radius. 
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The Industrial Revolution brought about another era - enabling the rapid movement of 
goods, supplies, and people - which fundamentally changed the workings of the 
economy. The pace of commerce quickened - whether through ships, trains or planes, 
and the world became significantly smaller. 

Today, the Information Economy is powered by the digital infrastructure upon which we 
depend. In the same way the Industrial Revolution made the physical world smaller, the 
Information Revolution has fundamentally transformed society. Not only is the world 
smaller and faster - information can be sent across the globe in a matter of seconds - 
but it is also connected in ways previously structurally impossible. Buyers and sellers, 
students and teachers, governments and their citizens, can find one another regardless 
of physical location, and new relationships and social networks can form spontaneously. 
Twenty first-century technology and telecommunications are flattening communications 
and markets and have contributed to a period of unprecedented innovation, making us 
more productive, connected citizens. 

Just as society experienced these fundamental transformations in stages, so too has the 
Federal government, as it has entered the digital world; 

• Federal agencies began by placing information and content online, consistent 
with their mission. However, the use of that information and the underlying 
business processes were not changed - the online organization merely mirrored 
the physical organization. In essence, the Federal government "webified" itself. 

• In the second phase, the focus shifted to the automation of back-end processes 
and improvement of citizen access to services. However, much work remains. 

We have yet to fully turn these concepts into reality and are only at the 
beginning in terms of what is possible with modern technology. 

■ The next phase - advancing America into the 2l” century and realizing the 
promise of Government 2.0 - entails a fundamental shift in the interaction 
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between the American people and their government. It will require making 
government "context-driven." 

Context-Oriven Government 

President Obama has made it clear that we must use technology to reform government 
and improve the exchange of information between the federal government and citizens. 
Put simply, context-driven government means government information and services are 
provided to citizens when they need it - and where they need it - as they go about their 
digital, daily lives. 

For example, a teacher checks email on her smartphone before heading out for the day. 
An alert flashes, reminding her it is Earth Day so she decides to walk to work rather than 
take her usual bus. She also receives a notice that it may rain by a site fed by NOAA 
weather information and picks up her umbrella before going out. Opening a digital 
map, she sees not only the shortest route to the office, but also a listing of all the coffee 
shops she will pass along the way. While in line at the caf§, she notices an NIH report on 
the health benefits of green tea, which she orders instead of her usual coffee. She pays 
her mortgage online while waiting for her tea - getting an updated bank balance while 
on the site — and then connects to her favorite social networking site to determine her 
evening's plans. This takes place in minutes - on the walk to work - and has been a 
seamless experience, despite the fact she has traversed at least five organizations and 
dozens of digital destinations. To her, the information and services are simply available 
where needed and when needed. 
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Increasingly, social networking sites, online shopping portals, and commercial search 
engines are where the American people spend time online. Facebook alone currently 
has more than 200 million active users^. 

We must use context-driven government to bring the government to citizens so that 
information and services are available where and when citizens need it. Access to 
government services should be just another component in a seamless digital experience. 
Doing so not only provides better service to our citizens, but also allows the government 
to leverage existing services and platforms - and consequently reduces the cost of 
government operations. Where the private sector {or another government agency, 
whether at the federal, state or local level) has a solution in place, we should seek to 
partner and leverage rather than "re-invent the wheel" by unnecessarily spending more 
taxpayer dollars. 

And while we are taking on these challenges, we always must be cognizant of the 
significant burden to protect the private information of the American people. This 
focus, along with a commitment to ensuring privacy as investments are made in the 
widespread implementation of electronic health records, must be leveraged to set a 
high bar for the goal of protecting the personal information of all Americans. 

Democratization of Data 

As the President has stated, information maintained by the Federal government is a 
national asset^ — and should therefore be made available, consistent with law and 
policy, to the public in a way that is easy to find and use while protecting the privacy of 
our citizens and access to sensitive data. Making the information and operations of 
government more open and accessible will drive accountability, performance, and 


* http:/www facebook.com/press/info.php?slatisu'cs 

^ htip:y/www, whitehouse.gov/the_press_offfce/Transparency_and_Open_Government/ 
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engagement. And through currently available technology - search tools, online video, 
social networking - we now have the means to do so. 

Democratizing government data will engage citizens and fundamentally change how 
government operates. The availability of raw, machine-readable data in a variety of 
open, standards-based formats involves the citizenry in new ways and empowers them 
to be "co-creators", alongside the government, of new applications, new ideas, and new 
ways of doing business. By enabling the "mash up" of data feeds we can create value 
both for the government and for the country. Innovation can occur much faster and at a 
lower cost if we move to democratize our data. 

Participatory Government 

On March 26, 2009, the President hosted an online town hall, the first of its kind for any 
White House. And with almost 100,000 participants and more than three and a half 
million votes cast, it was an unprecedented experience that showed the potential for 
public participation in this kind of accessible forum. We must and will continue to 
engage the American people through such platforms. 

Structural change is never easy and will require a strong focus on IT governance, from 
capital planning and investment management to privacy and security as we move to 
Government 2.0. An unprecedented amount of computing power is currently available 
at all levels of government - and we must enable the federal employee (whether an IT 
worker or otherwise) to share information across the enterprise. Much as we will 
democratize government-owned data to engage citizens as "co-creators", so, too, must 
we break down information silos. 

Through the use of social networking tools, increased transparency of government data, 
and a strong focus on collaboration - we can harness the power of innovation and 
creativity across the government and realize the promise of Government 2.0. 

Closing 

This concludes my statement. Thank you for your time today and I look forward to your 
questions. 
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What GAO Found 

0MB has made progress implementing several initiatives aimed at improving 
oversight and transparency of federal IT investments, but as GAO previously 
reported and recontmend^, more attention needs to be placed on improving 
these initiatives. For example, OMB's Management Watch list identified 
poorly planned projects, and the office also identified and listed high-risk 
projects failing to meet one of four performance evaluation criteria, 0MB took 
steps to Improve the identification of the poorly planned and performing 
projects by, for example, issuing a central list of Management Watch List 
projects and publicly disclosing these projects’ deficiencies. With regard to 
the high-risk list, 0MB clarified the project criteria and started publicly 
releasing s^regato lists of high-risk projects on its Web site in September 
2006. However, more needs to be done by both 0MB and the agencies to 
address recommendations GAO has previously made, such as identifying and 
publicizing performance shortfalls on hi^-iisk projects. Additionally, the 
future of the Management Watch List and high-risk list is uncertain because 
0MB officials stated that they have not decided if the agency plans to 
continue to use these lists. 
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As another step aimed at increasing oversight of agencies’ IT investments, 
0MB required i^encies to provide investment justifications for razuor IT 
projects to demonstrate both to agency management and to 0MB that the 
projects arc well planned. However, GAO raised concerns about the accuracy 
and reliability of the information agencies used to comply with this 
requirement imd recommended changes lo the reporting process. In response, 
0MB required agencies lo disclose weaknesses in their information. 

0MB also required the use of earned value management, an approach to 
prefect management that can provide insight into project status, warning of 
schedule delays and cost overruns, and unbiased estimates of total costs. 
However, GAO identified weaknesses in agencies’ use of this management 
tool- For example, the Federal Aviation Administration was using earned 
value management to manage IT acquisition programs, but not all programs 
ensured that their earned v^ue data were reliable. GAO made a number of 
recommendations to feder^ agencies to cJarilV and expand their earned value 
management policies and strengthen their oversight processes at the program 
level. Until ^encies expand and enforce their earned value management 
policies, it will be difficult for them to optimize the effectiveness of this 
management tool. 

BuilcUng on successes 2 uid looking for more efficient and comprehensive ways 
to bolster oversight and transparency of the federal IT budget will help ensure 
that federal fT dollars arc wisely spent and agency mission performance is 
enhanced. Accordingly, 0MB needs to decide if it is going to continue to use 
its Management Watch list and high-risk list. If 0MB decides not to use these 
tools, it should promptly implement other jqjpropriatc mechanisms to help 
oversee IT investments. 
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Mr. Chairman and Members of the Subcommittee: 

1 am pleased to be here today to discuss efforts to improve oversight 
and transparency of information technology (IT) investments. As 
you know, biUions of taxpayer dollars are spent on these projects 
each year, federal IT spending has now risen to an estimated $71 
billion for fiscal year 2009. Given the size of these investments and 
die criticality of many of the systems to the health, economy, and 
security of the nation, it is important that the Office of Management 
and Budget (0MB) and federal agencies are providing appropriate 
oversight and that there is adequate transparency into these 
programs. 

During the past several years, we have issued numerous reports and 
testimonies on OMB’s initiatives to highlight troubled projects,' 
justify IT investments,’ and use project management tools." We made 
many recommendations to 0MB and to federal agencies to improve 
these initiatives to further enhance the oversight and transparency 
of IT projects. 

You asked us to testify on OMB's key efforts to improve the 
oversight and transparency of federal IT projects. Specifically, my 
testimony covers key oversight mechanisms 0MB used to highlight 
troubled projects, justify IT investments, and manage costs and 
schedule growth. In preparing this testimony, wo relied on prior 


'GAO, biformation Technology: Treasury Needs to Better D^ne and implement /ts 
Kamod Value Afanagemml Policy, GAO-08-951 (Washington, D.C.: Sept. 22, 2008); 
Information Technology: Further Improvements Needed to Identify and Oversee Poorly 
Planned and Performing Projects, GAO-07-12UT (Washington. D.C.: Sept. 20, 2007); 
Irformabon Technology: Improvements Needed to More AccuratHy Identify and Better 
Oversee Risky Projects Totaling BiUions of Dollars, GAO-0&-1089T (Washington, D.C.: 
Sept. 7, 2006), Irrformation T&:hnology: Agencies and OMD Should Stiengthen Processes 
for Identifying and Overseeing High Risk Projects, GAO-06.047 (Washington, D.C,: June 
15, 2006). 

*GAO, Information Technology: 0MB Can Make more Effective Use of Its Investment 
lievieu'S, GAO-05-276 (Washington, D.C.: April 16, 2006). 

"GAO, Air Tmjju- Control: FAA Uses Bcrmed Value TerJmiques to Help Manage 
Information Technology Acquisitions, bni Needs to Clarify PtAicy and Strengthen 
Oversight, GAO-C®-756 (Washington, D.C,: July 18, 2008); GAO. IrrforrruUwn Technology: 
lyeasury Needs to Better Define and ImpUm&ni Its Earned Value Management Policy, 
GAO-08-95J (Washington, D.C.; September 22, 2008). 
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GAO reports and testimonies that assessed the government’s 
management of IT investments, including management of projects 
identified as poorly planned and/or performing, justification of IT 
investments, and use of project management tools. We also followed 
up with 0MB and federal agencies to determine the status of their 
efforts to implement our past recommendations. 

We performed our work in accordance with generally accepted 
government auditing standards. Those standards require that we 
plan and perform the audit to obtain sufficient, appropriate evidence 
to provide a reasonable basis for our findings and conclusions based 
on our audit objectives. We believe that the evidence obtained 
provides a reasonable basis for our findings and conclusions based 
on our audit objective. 


Background 

Each year, 0MB and federal agencies work together to determine 
how much the government plans to spend on IT projects and how 
these funds are to be allocated. 0MB plays a key role in overseeing 
the implementation and management of federal IT investments. To 
improve this overnight, Congress enacted the Clinger-Cohen Act in 
1996, expanding the responsibilities delegated to 0MB and agencies 
under the Paperwork Reduction Act.* Among other things, Clinger- 
Cohen requires agencies to better link their IT planning and 
investment decisions to program missions and goals and to 
implement and enforce IT management policies, procedures, 
standards, and guidelines. The act also requires that agencies engage 
in capital planning and perfoimance and results-based 
management* OMB’s responsibilities under the act include 
establishing processes to analyze, track, and evaluate the risks and 
results of major capital investments in information systems made by 
executive agencies, OMB must also report to Congress on the net 


*44U.S.C 5 3501(h) 4 -isoeth). 
*40 US.C.sll3ia <£-11313 
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program performance benefits achieved as a result of these 
Investments.* 

In response to the Clinger-Cohen Act and other statutes, 0MB 
developed a policy for the planning, budgeting, acquisition, and 
management of federal capital assets. This policy is set forth in 0MB 
Circular A-1 1 (section 300) and in OMB's Capital Programming 
Guide (supplement to Part 7 of Circular A-1 1), which direct agencies 
to develop, implement, and use a capital programming process to 
build their capita] asset portfolios. Among other things, OMB’s 
Capital Programming Guide directs agencies to 

• evaluate and select capital asset investments that will support core 
mission functions and demonstrate projected returns on investment 
that are clearly equal to or better than alternative uses of available 
public resources, 

• institute performance measures and management processes that 
monitor actual performance and compare it to planned results, and 

• establish oversight mechanisms that require periodic review of 
operational capital assets to determine if mission requirements have 
changed and whether the assets continue to fulfill those 
requirements and deliver their intended benefits. 

To further support the implementation of IT capital planning 
practices as required by statute and directed m OMB's Capital 
Programming Guide, we have developed an IT investment 
management framework’ that agencies can use in developing a 
stable and effective capital planning process. It is a tool that can be 
used to determine both the status of an agency’s current IT 
investment management capabilities and the additional steps that 
are needed to establish more effective processes. Mature and 
effective management of IT investments can vastly improve 
government performance and accountability, while poor 


‘40USaSI1302&11303. 

^CAO, Information Technology InvesVment MnnngentenL A Franiewoj-k for Assessing and 
Imprvmnff Process Malurily, GAO-04-394G (Washington, D.C,; March 2004). 
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management can result in wasteful spending and lost opportunities 
for improving the delivery of services to the public. 

In addition, 0MB has used key oversight mechanisms to higlilight 
troubled projects, justify IT investments, and manage cost and 
schedule growth. These mechanisms include 

• a Management Watch List to identily major IT projects that are 
poorly planned; 

• a list of high-risk projects that arc performing poorly; 

• investment justiBcaUotrs for major IT projects that agency officials 
were required to prepare to demonstrate both to their management 
and to 0MB that the projects were well planned; and 

• use of earned value management (EVM), which is a project 
management tool that can provide insight into project status, 
warning of schedule delays and cost overruns, and unbiased 
estimates of total costs. 

Among other initiatives, 0MB also developed and oversaw the 
implementation of policies, principles, standards, and guidelines for 
information securit)-, and reviewed agency information security 
programs at least annually. In addition, 0MB was responsible for 
overseeing enleiprise architecture' development within and across 
agencies. 0MB, the National Institute of Standards and Technology, 
and the federal Chief Information Officers (CIO) Council issued 
frameworks that define the scope and content of architectures.* 
0MB used these frameworks to assess agencies’ enterprise 
architecture activities. In addition, 0MB has issued a collection of 


*An enlerprisc architecture ib an organixationaJ bluopiint that defines — in logical or 
business terms and m technology terras — how an organization operates today, intends to 
operate in the future, and intends to invest in technology to lrai\sition to this future state. 

“O.MB, Circular A-l^, National Institute of Standards and Technology, l-nformation 
Mannijement JHrections: The Integration QuULenge, ^jecial Piiilication K)0-167 
(■September 1989); and CIO Council, Federal Enterprise Arr-hitecture Framework, Version 
l.l (September 1^). 
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five reference models'" (Business, Performance, Data/Information, 
Service, and Technical) that are intended to facilitate 
govemmentwide improvement through cross-agency analysis and 
the identification of duplicative investments, gaps, and 
opportunities. 

The CUnger-Cohen Act also requires agency heads to designate 
Chief Information Officers to lead reforms to help control system 
development risks, better manage technology spending, and achieve 
real, measurable improvements in agency performance through 
better management of information resources. As such, the 
responsibility for directly managing IT projects and implementing 
OMB’s guidance lies with agency heads and their Chief Information 
Officers 


0MB Initiatives Have Improved Oversight and Transparency, but 
More Work Remains 

OMB has established initiatives aimed at increasing oversight and 
transparency of federal IT projects. However as we have previously 
reported and recommended, more attention needs to be placed on 
improving these initiatives. Specifically, 

. OMB took steps to improve the identification of poorly planned and 
performing IT projects, but projects totaling billions of dollars 
require more attention; 


"the Busine.ts Rtfcrence Model is intendeej to describe the business operations of the 
federal government independent of the agencies ihai perform thorn, including defining the 
services provided fo state and local governments. The Peiformance /l^erence Mcxiel is to 
provide a common set of general performance outputs and measures for agencies to use to 
achieve business goals and objectives- The DcUa and /n/omatwn R^ermce Model is to 
describe, at an aggregate level, the type of data and infonnaUon that siqiport program and 
business line operations, and the relationships among these types. The Service Component 
Reference Modd is to idennfy and classify IT service (l.e., application) components Uiai 
support federal agencies and promote the reuse of components across agencies. The 
Technical R^ermce Model is to describe how technology is supporting the delivery of 
service con^onents, including relevant standards for Implementing the technology. 
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• OMB has taken steps to enhance oversight of agencies' investment 
justiflcations, but accuracy and reliability concerns remain; and 

• OMB has required the use of EVM, but agencies’ earned value 
management policies and implementation need improvement. 


OMB Has Taken Steps to Improve the IdenttRcation of Poorly Planned and Performing 
IT Projects, but Projects Totaling Billions of Dollars Still Require Oversight 

Beginning in 2004, OMB identified major projects that were poorly 
planned by placing them on a quarterly Management Watch Ust. The 
list was derived based on a detailed review of each investment’s 
Capital Asset Plan and Business Case, also known as the exhibit 300. 
OMB began using its Management Watch list as a means to oversee 
the justification for and planning of agencies’ IT investments. 

Over the past 4 years we testified on the hundreds of projects, 
totaling billions of dollars that OMB placed on the Management 
Watch list. For example, in 2008 we testified that OMB determined 
that 352 projects — totaling about $23.4 billion — ^were poorly 
plarmed." According to OMB’s evaluation of the exhibit 300s, 
investments were placed on the watch list primarily because of 
weaknesses in the way they addressed (1) cost, schedule, and 
performance; (2) security; (3) privacy; and (4) acquisition strategy. 

In order for OMB to take advantage of the potential benefits of using 
the Management Watch List as a tool for analyzing and following up 
on IT investments on a govemmentwide basis, in 2006 we 
recommended that the agency: (1) publicly disclose the deficiencies 
of projects on the Management Watch List; (2) use the list as the 
basis for selecting projects for foUow-up and for tracking follow-up 
activities (including developing specific criteria for prioritizing the 
IT projects included on the list, t^ng into consideration such 
factors as their relative potential financial and program benefits, as 
well as potential risks); (3) analyze the prioritized list to develop 
govemmentwide and agency assessments of the progress and risks 
of IT investments, identifying opportunities for continued 
improvement; and (4) report to Congress on progress made in 
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addressing risks of mayor IT investments and management areas 
needing attention." 

0MB took steps to address our recommendations by publicly 
disclosing the deficiencies of projects and developing 
governmentwide and agency assessments. Specifically, 0MB started 
disclosing projects’ deficiencies (i.e., the reasons for inclusion on 
the Management Watch list) in April 2008. In addition, 0MB 
performed govemmentwide and agency-specific analyses of 
projects' deficiencies, which it reported to Congress and disclosed 
pubUcly in April and July of 2008. 

The Management Watch Ust has been instrumental in helping 
prioritize projects that require follow-up action and in informing 
Congress on management areas needing attention. However, the 
future of the Management Watch List is uncertain because 0MB 
officials recently stated that the agency has not decided it it plans to 
continue to use this list. 

As defined by 0MB, high-risk projects were those that agencies 
identified as requiring special attention from oversight authorities 
and the highest levels of agency management. These projects were 
not necessarily at risk of failure, but may be on the list for a variety 
of reasons such as that the agency had not consistently 
demonstrated the ability to manage complex projects. To identify 
high-risk projects, staff from each agency's Office of the Chief 
Information Officer compared criteria against their portfolio to 
determine which projects met OMB’s definition for high-risk and 
performance shortfalls. They then submitted the Ust to 0MB for 
review. High risk projects failing to meet one of four performance 
evaluation criteria were considered to have “performance 
shortfalls.” 

In our analysis of the high-risk projects in June 2008, we found that 
of the 472 IT projects that were categorized as high risk, at least 87 
had performance shortfalls — collectively totaling about $4.8 billion 
in funding requested for fiscal year 2009. Agencies reported cost and 
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schedule variances that exceeded JO percent as the most common 
shortfall. 

To improve the identification and oversight of the high-risk projects, 
we recommended, among other things, that 0MB establish a 
structured, coasistent process to update the list of high-risk projects 
on a regular basis, including identtfting new projects and removing 
previous ones to ensure that the list is current and complete.” We 
also recommended that 0MB develop a single aggregate list of high- 
risk projects and their deficiencies and use that list to report to 
Congress the progress made in correcting high-risk problems, 
actions under way, and further actions that may be needed. 

0MB took several steps to address these recommendations. The 
agency clarified the high-risk project criteria in 2008. It also asked 
agencies to identify, in their quarterly reports, reasons for placement 
on the list and reasons for removal, thereby adding structure and 
consistency to the process for updating the list In addition, 0MB 
also started publicly releasing aggregate lists of the high-risk 
projects in September 2006, and had been releasing them on its Web 
site quarterly. 

As we previously testified," 0MB had not identified the deficiencies 
(i.e., performance shortfalls) associated with the high-risk projects. 
Doing so would allow 0MB and others to better analyze the reasons 
projects are performing poorly, take corrective actions, and track 
these projects on a governmentwide basis. Such information would 
also help to highlight progress made by agencies or projects, identify 
management issues that transcend individual agencies, and highlight 
the root causes of govemmentwide issues and trends. In addition, 
0MB has not released an update to the high-risk list since the first 
quarter of fiscal year 2009, and, as with the Management Watch List, 
OMB officials indicated that the agency has not decided if it plans to 
continue the use of the high-risk list. 
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0MB Took Steps to Enhance Oversight of Agencies’ Investment Justifications, but 
Accuracy and Reliability Concerns Remain 

As another step aimed at increasing oversight of agencies’ IT 
investments, 0MB — in response to the Clinger-Cohen Act and other 
statutes — required agencies to prepare investment justifications for 
major IT projects, referred to as the etchibit 300. The exhibit 300 is a 
reporting mechanism intended to enable an agency to demoiBtrate 
to its own management, as well as to 0MB, that a maior project is 
well planned in that it has employed the disciplines of good project 
management; developed a strong business case for the investment; 
and met other administration priorities in defining the cost, 
schedule, and performance goals proposed for the investment. 

In January 2006, we noted that the underlying support for 
information provided in the exhibit 300s was often inadequate and 
that, as a result, the Management Watch List may be undermined by 
inaccurate and unreliable data,'* For example, documentation of tlie 
information either did not exist or did not fully agree with specific 
areas of all exhibit 300s. We recommended, among other things, that 
0MB provide more specific guidance to the agencies and direct 
agencies to improve the accuracy and reliability of exhibit 300 
information. 

To address our recommendations, in June 2006 0MB modified 
exhibit 300 requirements and provided more guidance for specific 
sections. Also in June, 0MB directed agencies to post their exhibit 
300s on their Web sites within two weeks of the release of the 
President's budget request for fiscal year 2008. As part of the 2010 
budget cycle, OMB asked agencies to disclose wesdcnesses in the 
accuracy and reliabilily of information reported in their exhibit 300s. 
Ensuring the reliability of these investment justification documents 
is essential to enable effective strategic planning, performance 
measurement, and investment management, which, in turn, make it 
more likely tliat the billions of dollars in government IT investments 
will be wisely spent. 


'‘GACKI6-250 
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0MB Has Required Use of Earned Value Management, but Agencies’ Earned Value 
Management Policies and Implementation Need Improvement 

Pulling together essential cost, schedule, and technical intoimation 
in a meaningful, coherent fashion is a challenge for most programs. 
Without meaningful and coherent cost and schedule information, 
program managers can have a distorted view of a program’s status 
and riste. Earned Value Management (EVM) is a project 
management approach that, if implemented appropriately, provides 
objective reports of project status, produces early warning signs of 
impending schedule delays and cost ovenuns, and provides 
unbiased estimates of a program's total costs. 

In August 2005, 0MB issued guidance outlining steps that agencies 
must take for all mtuor and high-risk development projects to better 
ensure improved execution and performance and to promote more 
effective oversight through the implementation of EVM."Among 
other things, this guidance directed agencies to develop 
comprehensive policies to ensure that agencies use this 
management tool to plan and manage development activities for 
major IT investntents. 

In reviewing agencies’ implementation of OMB’s EVM guidance, we 
identified weaknesses with policies and implementation at several 
mtjor departments. Examples include the following; 

• Tile Department of the Treasury had an EVM policy that clearly 
defined criteria for which programs were to use the management 
tool. However, this policy did not require and enforce earned value 
management training for personnel with investment oversight and 
program management responsibilities, nor did it adequately address 
key elements for ensuring reliability of earned value data — including 
program EVM compliance with the national standard.” 

. The Federal Aviation Administration (FAA) was using EVM to 
manage IT acquisition programs, but not ail programs were ensuring 
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that theii earned value data were reliable." One program did not 
adequately validate contractor performance data. We found 
anomalies in which the contractor reported spending funds without 
accomplishing work and others in which the contractor reported 
accomplishing work while crediting funds to the government 

We made a number of recommendations to each of these agencies 
to clarify and expand their EVM policies and strengthen their 
oversight processes at the program level. The Treasury has recently 
implemented some of our recommendations to improve its earned 
value management policies and practices. For example, in 
September 2008, the agency issued a new EVM policy stating that 
each bureau shall develop, implement, and use a standard earned 
value management process. In response to our recommendations to 
FAA, the agency reported that it has initiatives imder way to 
improve its EVM oversight processes, including work to ensure that 
all contract provisions specific to this management tool are being 
met. 

Until these agencies expand and enforce their EVM policies, it will 
be difficult for them to optimize the effectiveness of this 
management tool. Furthermore, without robust oversight of earned 
value management at the program level, these same agencies face an 
increased risk that managers are not getting the information they 
need to effectively manage the programs. We are currently 
evaluating for this subcommittee the state of EVM implementation 
at eight major agencies and plan to report on this work later this 
year. 


In summary, OMB made progress implementing several initiatives 
aimed at improving oversight and transparency of federal IT 
investments, such as the Management Watch and high-risk lists and 
govemmentwide use of EVM. Nevertheless, more needs to be done 
by the executive branch to further increase the oversight and 
transparency of IT projects. The executive branch needs to build on 
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its successes and also look for more efficient and comprehensive 
ways to bolster oversight and transparency. Accordingly, 0MB 
needs to decide if it is going to continue to use its Management 
Watch list and high-risk list to track poorly planned and performing 
projects. If 0MB decides not to use these tools, it should promptly 
implement other appropriate mechanisms to help oversee IT 
investments. Without adequate oversight and transparency of IT 
projects the federal government risks wasting potentially billions of 
taxpayer dollars. 

Mr. Chairman, this concludes my statement. I would be happy to 
answer any questions at this time. 


Contact and Staff Acknowledgements 
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Good afternoon Mr. Chairmen and Members of the Committee, 1 am pleased to be 
invited back to share my views on “Government 2.0: Advancing America into the 21st 
Century and a Digital Future.” My remarks today will focus on the challenges facing the 
federal government and recommendations to assist agencies to meet the expectations of 
society, and especially today’s generation, which has grown up in a networked, 
collaborative world. Simply put, Mr. Chairman, the text-message generation is not going 
to accept a carbon-paper government. 

There are two issues raised in your invitation letter; the cost-effective use of Information 
Technology (IT), and improving interaction with citizens, transparency, and green IT. I 
would like to address the issues in reverse order, starting with the use of technology to 
enhance government transparency and citizen participation. 

Innovation and Transparency 

In October 2008, the Office of Management and Budget (0MB) and the Chief 
Information Officers (CIOs) Council partnered with the National Academy for Public 
Administration (NAPA) to hold the National Dialogue on Health IT and Privacy. The 
National Dialogue piloted an interactive, web-based discussion platform which allowed 
the public to submit ideas, refine them through discussion, and vote on the submissions. 
All stakeholders could promote and prioritize innovative ideas, voice concerns, and 
propose guiding principals. Participants illustrated these with personal stories concerning 
health care information privacy. 

The Febniary 2009 NAPA report on the success of the collaboration process used for the 
Health IT Dialogue (http://www,scribd.com/doc/12345523/A-National-Dialogue-on- 
Health-IT-and-Privacy-Final-Panei-Report) recommends the Administration “(further 
explore) methods of public engagement, such as the National Dialogue, that give 
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participants the opportunity to share their ideas; provide clear choices regarding public 
policy options; focus on building durable consensus on national issues; and informed by 
the application of independent, neutral expertise to the ideas, concerns and priorities that 
emanate from such engagements.” 

I commend the Administration for their announcement of again partnering with NAPA. 
Starting yesterday, April 27, the Recovery Accoimtability and Transparency Board and 
0MB are hosting a dialogue with the American people to address the key question: 

“What ideas, tools, and approaches can make Recovery.gov a place where all citizens can 
transparently monitor the expenditure and use of recovery funds?” A link to this National 
Dialog can be found on the Recovery Accountability and Transparency Board web site at 
http://www.Recovery.gov. This approach directly involves all constituencies in the 
process, allowing them to recommend, discuss, and vote on the best ideas. 

Government information should be searchable and discoverable 

Making government information searchable and discoverable by the public brings more 
transparency and thereby trust in our government. And it allows the public to lend 
innovation to the analysis of such data, combining data from multiple sources into “mash- 
ups;” a term so new as to not be in the dictionary, but established enough in our internet- 
driven world to be understood by everyone, especially the “millennials” which are a 
segment of the population larger than the “boomers.” 

However, making information searchable and discoverable can also improve the 
effectiveness of government agencies in their every day missions at little cost to 
implement. For example, the Maritime Domain Awareness Initiative; a collaboration 
between the Departments of Defense, Transportation, and Homeland Security, 
established a standard vocabulary for exchanging data between computers at local 
agencies and federal maritime organizations to help battle smuggling, terrorism, and 
other criminal activities. This is the sort of information sharing envisioned in Public 
Law No. 1 10-53; “Implementing Recommendations of the 9/1 1 Commission Act of 
2007.” 

I would propose that more initiatives such as these need to be sponsored to assist 
agencies with their missions and those of the state and local governments. Some of these 
innovations will happen organically as today’s young people, who are growing-up in a 
collaborative world, move into the Federal workforce. But there will be cases where 
Congress will have an opportunity to break-down some of the parochialism of the Federal 
government through authorization, or appropriation, or oversight. 

In other cases, the law will need to be changed to accommodate collaboration between 
the people and the people’s government. For example, the Paperwork Reduction Act of 
1 980, which was intended to reduce the burden of collecting information from the public, 
effectively prevents agencies from gathering feedback or user-generated content online. 
Adding a website surt'ey requires an approval process which includes a public comment 
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period. It’s a Catch-22; we ask the public to comment on whether we can ask for their 
comments. 

There is also a provision in the appropriations law which prohibits federal Web sites from 
using persistent cookies except under certain conditions. That disables a wide range of 
Web 2.0 applications. And after solving those technical issues, agency website 
managers still face a thicket of legal issues if they want to sign a contract with YouTube, 
Flickr or other sites the public takes for granted. GSA should be congratulated for 
recently negotiating agreements to allow the federal government to use some of these 
services without charge, thereby avoiding the need for contracts. If Congress wants the 
government to move into the Web 2.0 world, these laws, regulations, and procurement 
rules will need to be re-written. 

Interaction with Citizens 

Regulations.gov moved the regulatory process into the internet age. This is the perfect 
example of enabling e-democracy and enhancing public participation in our government. 
The Regulations.gov initiative applied new information and communications 
technologies to the hide-bound, inscrutable federal rulemaking process, making the 
process more efficient and ultimately producing better decisions. It is now time to move 
to the next level and next generation ofRegulations.gov to improve the usability of the 
site. 

The American Bar Association (ABA) released their 2008 report, “Achieving the 
Potential,” giving their assessment ofRegulations.gov, and recommendations to enhance 
and improve the site. (http;//www.abanet.org/adminlaw/E- 
Rulemaking%20Report%20Web%20Version.pdf) 

Similarly, the Cornell University Law School has launched their e-Rulemaking initiative 
( httpV/ceri.law.cornell.edu/l . conducting theoretical and applied research on the 
technology and practice of e-rulemaking, and making a number of recommendations to 
enhance Regulations.gov. 

However, perhaps the American Bar Association and Cornell University should take a 
cue from Jerry Brito of the Mercatus Center. Like Cornell and ABA, Mr. Brito didn’t 
like the Regulations.gov user interface. So, Mr. Brito created a Web 2.0 solution, and 
launched OpenRegulations.org which provides an alternative, competing interface to the 
Regulations.gov database. Has Mr. Brito done a better job than the government? We 
don’t know; the marketplace of the internet will decide. But I do know, by providing 
searchable data and accessible systems, we are allowing people to access their 
government on their terms. And that is a success. 

Information Management Challenges 

When looking at the above examples, there are challenges in the expansion of these 
efforts. In order to understand the challenges, I recommend we take a step back and 



63 


examine how the federal government manages information in the 2 1 st century. 
Information is valuable only if it is accurate, relevant, timely, and complete. We are 
producing, gathering, processing, storing and distributing more information and doing it 
faster than ever before. I would propose we redefine the use of information and 
information management. The government must plan for the total life cycle of the 
information from acquisition of information and information technology through the 
retirement of the information and proper records management. We need to contemplate 
how information could and should be managed and protected to ensure we can maintain 
our leadership and innovation in the global economy. 

Current statutes lead to several policies at the government-wide level and 
department/agency level that are intended to address the government’s risk-based 
approach to information management. Both public and private sector organizations 
struggle with this challenge. The complexities of the current environment make it 
difficult for public and private sectors to answer basic questions such as: 

1 . How much risk is acceptable? 

2. What standards should we follow? 

3. What is an acceptable technical solution? 

4. Who is going to use my services? 

5. What information is collected and why? 

6. How we will use the information? 

7. Do I need a “System Records of Notice?” 

8. What is our responsibility for identity theft? 

9. What are the legal issues associated with data loss? 

Information Management Modernization 

By examining the existing statutes and looking at the potential from the above examples, 

I believe this is an opportunity for Congress to move the Executive Branch into the 21 st 
Century. For example, the federal business processes which govern Regulations.gov are 
founded in numerous statutes, 0MB Circulars, and policy memos. 

Dragging the 60-year old Administrative Procedures Act (APA) into the internet age is 
highlighting the gulf between today’s internet driven expectation of instant 
communications and instant response with the purposefully slow-moving and deliberative 
processes prescribed by the APA. The APA (enacted in 1946); bom in an era of slow, 
expensive, paper-based communication; mandates written documentation of the 
thoughtful disposition of every comment received. Today’s generation is teaching us the 
value of broad online collaboration. Instant status updates to our friends; to our network 
of friends, are no longer novel; they’re expected. 

If Congress wants to achieve this level of transparency and participation in the regulation 
process, then you may want to revise how regulations are developed. For example, 
holding a public dialogue on potential environmental regulations, similar to the one 
happening now for Recovery. gov, could streamline the process. 
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• Would it really be necessary to publish it in the Federal Register? 

• Would it be necessary for the agency to provide the information to 0MB and 
specify the disposition of each comment? 

• Does this approach take the place of the Docket? How do we know that all public 
comments have been addressed? 

• Will the National Archives be able to take these records? Will future generations 
be able to retrieve the information to know the decisions were made? 

The opportunity is here for the government to evolve to digital democracy. However, 
Congress needs to weigh the value of network collaboration against the value of 
legislative balance enacted in the APA. Along with the APA, Uiere are many government 
statutes providing the foundation for information management. Here is subset of them: 

1 . Privacy Act of 1974: Addressed the abuse of privacy during the Nixon 
Administration; 

2. Computer Matching and Privacy Protection Act of 1988: Amended the Privacy 
Act of 1974 by adding certain protections for the subjects of the Privacy Act 
records whose records are using in automated matching programs; 

3. Paperwork Reduction Act of 1980: Established to regulate matters regarding 
federal information and information policies intended to reduce the total amount 
of paperwork handled by the US govermnent and the general public; 

4. Presidential Records Act of 1978: Established to govern the official records of 
Presidents and Vice Presidents created or received after January 20, 1981 and 
mandates the preservation of all presidential records; 

5. Federal Records Act of 1950, as amended: Established the framework for records 
management programs in Federal Agencies and the National Archives and 
Records Administration; 

6. Clinger-Cohen Act, formerly the Information Technology Management Reform 
Act of 1996: Designed to improve the way the federal government acquires, uses 
and disposes information technology' (IT); 

7. E-Government Act of 2002: established to improve the management and 
promotion of electronic government services and provide a framework of 
measures requiring the use of Internet-based information technology to improve 
citizen access to government information and services; and 

8. Federal Information Security Management Act of 2002: recognized the 
importance of information security to the economic and national security interests 
of the United States and required each agency to develop, document, and 
implement an agency-wide program to provide information security for the 
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information and information systems supporting the operations and assets of the 
agency including those provided or managed by another agency, contractor or 
other source. 

Implementation of Green IT 

Only a few years ago, our concept of online content was e-mail and web pages. Today, 
society is rushing forw’ard with online music, online movies, online television, and, of 
course, online government. This huge increase in online content has driven a need for 
more computers, more data storage, more networks, and, of course, more electricity to 
run all of them. While the effect of carbon emissions on global warming is debated, two 
aspects of energy consumption are irrefutable; electricity is expensive, and computers and 
data centers are ultimately limited by the heat they produce. 

The government has not been static or complacent in this tug-of-war between electricity 
consumption and data demand; government has been leading a number of IT energy 
initiatives. The most obvious of these is the Environmental Protection Agency’s (EPA’s) 
work on green data centers, Labs21, and the Office of the Federal Energy Executive. 

A less obvious energy initiative; the goal of OMB’s Information Technology 
Infrastructure Line of Business (ITILOB) was to reduce the cost of IT infrastructure 
across the government. However, as a side benefit, the ITILOB, in conjunction with EPA, 
allowed agencies to perform a complete inventory of their computers and data centers 
energy consumption profile. 

Another energy-saving initiative is a by-product of the Federal Desktop Core 
Configuration (FDCC). During 2007, 0MB in collaboration with National Institute of 
Standards and Technology, the Departments Homeland Security and Defense, the 
National Security Agency, and Microsoft, developed a set of information security 
controls to be implemented on all Federal desktop computers running Microsoft 
Windows XP or VISTA. Tliis set of controls is known as the Federal Desktop Core 
Configuration (FDCC). The initial impetus for this project was to improve the cyber 
security of these desktop computers. However, as a secondaiy' benefit, the FDCC also 
optimizes the energy settings of every computer. 

These are just a couple of the efforts undeiw'ay which should continue and evolve to 
realize the promise of effective use and implementation of information technology. 

Invest in High Priority and Cost Effective Information Tcchnoiogy Systems 

Capital Planning and Investment Control (CPIC) and Enterprise Architecture (EA) are 
the tools the agencies should be using to achieve this goal Congress, General 
Accountability Office (GAO), 0MB and Federal agencies have focused a considerable 
amount of effort on ensuring investments in information technology are selected wisely, 
managed effectively, and delivered successfully — and yet agencies continue to straggle 
in delivering quality solutions on time and within budget. As agency IT investment 
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dollars have increased over the last decade, and systems have become more 
interconnected and therefore more vulnerable, the stakes have become even higher in 
getting large and complex development efforts right. 

While imposing the disciplines of capital planning and investment management on 
indhidual major IT acquisitions and projects (i.e., Exhibit 300s also known as business 
cases) is both prudent and necessary from a management standpoint, this alone is 
insufficient to fully address today’s IT investment challenges: recognizing and 
preventing unnecessary duplication of effort across federal, state and local governments, 
prioritizing projects; funding the most critical, beneficial, and cost effective investments; 
and then, sequencing and timing the development and deployment of major agency 
systems correctly. 

Currently, agencies submit approximately 750 individual business cases through their 
Departmental offices to 0MB. Agency invesnnent review boards typically review only a 
subset of these in-depth, again on an individual basis, Rather than trying to electronically 
or otherwise digest the details of all of these “major’ systems investments, relying on 
coding and mappings to functions in an abstract business reference model to identify 
common themes, and trying to discern which investments with seemingly equal merit are 
higher priority than others, 0MB and Agency Heads alike would be well .served if 
agencies could provide a “composite view” of their IT program, strategies, priorities and 
concerns, and a roadmap of prioritized and sequenced systems investments which maps 
to the other document produced such as the Agency’s strategic plan. Information 
Resources Management Strategic Plan, E-Government Sttategy and other major planning 
documents required by statutes and/or policy, to inform the budget formulation, 
prioritization and decision-making processes. This “composite view” of the agency IT 
program and investments should also clearly show where there are relationships and 
dependencies among major projects. 

The agencies should be doing the heavy lifting for investment review and analysis, and 
presenting the results of their reviews and evaluations to 0MB in the form of a strategic 
plan with supporting investment portfolio identifying and considering stakeholders and 
internal performance improvement opportunities and needs, a description of their IT 
architectural roadmap, and a discussion of overall IT management and operational 
performance (including issues such as security and privacy). To do this well, agencies 
should bolster the role and contribution of the Department-level CIO staffs in investment 
analysis and review beyond a mere pass-through of business cases to 0MB. Equip and 
empower the CIO to provide meaningful investment analysis, strategy, and oversight, and 
do not continue to allow component agencies to disregard Departmental policy and 
direction by investing in IT independently of the larger organizational and government- 
wide strategy. 

The old adage that “Timing is everything” is just as true for IT as anything else. The 
agencies should be challenged to learn to budget their intellectual resources and capacity 
to apply concerted organizational effort on complex problems and system 
implementations just as much as they do their budgetary resources. Oftentimes, they try 
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to develop too many new systems at the same time without a composite road map, 
sequencing plan, understanding of the dependencies and relationships among different 
systems, and a master schedule to guide their efforts. The results can be painfiil for all 
involved and costly for the American taxpayer. These types of preventable problems are 
difficult to see without the big picture. Even the best cost, schedule, and performance 
tracking for individual systems can miss impending collisions of this magnitude. 

Manage Project Execution and Risk: Cost, Schedule, Performance 

The business cases 0MB collects to support the budget formulation process are intended 
to serve as a living document throughout an investments lifecycle. However, most 
agencies devote time to updating these business cases only when they have to submit 
them to 0MB as part of the budget process. They are not the best way, as I stated in the 
past, to track ongoing project execution and to have visibility into how projects are 
progressing and managing risk. 

Earned Value Management (EVM) is often touted as a magic bullet solution to project 
cost and schedule overruns. This is not my experience. You have to know what you 
results you need to achieve for the tool to be effectively used. EVM is literally an 
industrial-strength solution to managing and measure progress on systems development 
efforts of a considerable magnitude and cost. However, it is not well suited or intended 
for small and medium sized projects, or those with relatively low development risk, as the 
cost to implement all of the planning, controls and tracking to the degree and level of 
precision prescribed may actually approach or exceed the investment in the project itself. 
EVM is best reserved for those projects that truly warrant that degree of complexity, what 
is termed, “major." However, I believe all IT investments should track, report and be held 
accountable for managing their cost, schedule and delivery on performance goals on a 
routine basis, whether using EVM or an “EVM-lite” performance tracking system more 
appropriate for the size, scope, nature and duration of the investment. Rather than relying 
solely on the annual exhibit review, moving to a more robust quarterly project reporting 
cycle for all projects in full acquisition would benefit both agencies and OMB’s ability to 
provide adequate oversight 

Much stock is also put into “original,” “programmatic,” “performance measurement,” 
and “current” baseline reporting. While 1 will not argue the value of tracking an 
investment’s original intentions to the ultimate outcome, sometimes years down the road, 
perhaps too much emphasis is being put on adhering to sometimes fragile baselines. To 
expect that an IT investment, once conceptualized and proposed, enters into a vacuum of 
sorts in which legislative and other requirements, programs, priorities, funding, functional 
and technical requirements do not change so as to potentially alter the scope, schedule 
and cost of that investment is simply unrealistic. Rather, actively engaging risk 
awareness and management and applying strategies to invest in less large-scale, long- 
term and perhaps grandiose systems development efforts would lessen the risk of veering 
hopelessly off of a project’s original or baseline investment target. Also, much like the 
business cases, to look at the cost and schedule variance of individual projects outside of 
the context of a master plan and schedule for the entire set of agency projects can be 
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misleading, as one project slips it can affect other projects and even cause a domino 
effect. 

Build upon Fundamentals 

When addressing the 21st Century Government, we should not lose sight of the progress 
made, and must build on the foundation in place. The CIOs are critical for a successful 
information management program and the effective use of IT. In 2004, GAO identified 
13 major areas of CIO responsibilities (http://www.gao.gov/new.items/d04823.pdf) as 
either statutory requirements or critical to effective information and technology 
management. Whereas people commonly associate CIOs with computers and 
information technology, a review of these 13 responsibilities makes clear a CIO manages 
information, which is enabled through the effective use of information technology. And 
to be successful, the CIO must address all of them, from privacy and security to records 
management. They should not and can not pick and choo.se which ones they will address, 
but rather they need to ensure they all are addressed so the American people have ihe best 
government services, know what their government is doing, and participate in the process 
in the most effective manner. The Federal Government serves the American people and 
the agencies should have the tools from IT and staffing through the underlying 
framework of laws, policies, and guidelines necessary' to achieve their missions. 

Conclusion 

Mr. Chairman, and Members of the Committee, this concludes my statement. Thank you 
for this opportunity to appear before the Committee. 1 would be pleased to answer any 
questions you have. 
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Chairman Carper, Senator McCain, distinguished members of the subcommittee, my name is Phil Bond 
and I am president of TechAmerica, Thank you for giving us this opportunity to testiiy today and to 
provide technology industry’s perspective on Government 2.0: Advancing America into the 21" Century 
and a Digital Future. 

TechAmerica is a trade association formed by the January merger of three major technology industry 
associations ~ the information Technology Association of America (ITAA), AeA (formerly the American 
Electronics Association), and the Government Electronics and IT Association (GELA). The new entity 
brings together over 1,500 member companies in an alliance that spans the grass-roots - with operations 
in nearly every U.S. state — and the global, with relationships with over 70 national IT associations 
around the globe. TechAmerica is the largest advocacy organization for the U.S. technology industry, 
which is the driving force behind productivity growth and jobs creation in the United States and the 
foundation of the global innovation economy. 

Today, I am here to highlight the opportunities within government to increase use of new technologies 
and management practices based on the concepts of collaboration, transparency, and connection. 

We are now living in an age of the empowered citizen, voter, and worker. This is a global phenomenon, 
propelled first by the establishment of telecommunications networks and mass-m^ket hardware, made 
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possible by the growth of the Internet, and now reaching critical mass with widespread adoption of peer 
networks and Web 2.0 technologies, and the increased use of social software and networking.' 

As we look at data on the macro-environment, the Internet now counts almost 1 billion users. Almost 
one-third of the world’s population will be on the Web by 201 1. There will be 4 billion mobile phone 
subscribers worldwide by the end of this year. Users of such networks and devices want to connect with 
each other, to improve their work, family, and social lives, and to have a voice in governing their 
countries. 

The technologies that facilitate such connections go by many names but are commonly categorized as 
“Web 2.0.” Web 2.0 technologies are built into many social media, software, and networking sites and 
applications. Among the tools in this domain are collaborative, deliberative, and peer networks and 
social, messaging, and chat software. Essentially, these are tools for interacting and sharing data with 
other users on a network. Concepts often related to social computing include, among others, cloud 
computing and enterprise 2.0. These concepts are more related to delivery of fully-formed software 
applications and services over the Internet. 

TechAraerica believes that the federal government, as well as its slate and local partners, have important 
roles to play in spurring further innovation in, and adoption of, these technologies. The Committee 
should consider ways to further encourage acquisition and use of new communications tools and adoption 
of management practices to help governments be more responsive to citizens, employees, and other 
stakeholders. The Committee can also play a critical role in reducing stovepipes and barriers within the 
Federal government that slow down the adoption of these newer technologies. 

Overseas, we are seeing examples of networked governments and agencies using social computing to 
create new ways of interacting with constituents and creating different ways of doing business. Some 
examples of novel uses of social software and related technologies are: 

• Statistics Canada uses the web to conduct portions of the census and makes much of its data available 
for review and download. Their site has become highly interactive with featured areas for 
schoolchildren, environmentalists, and researchers.^ 

• Political leaders, such as U.K. Foreign Secretary David Miliband, Hungarian Prime Minister Ferenc 
Gyurcsany, and Australian Leader of the Opposition Malcolm Turnbull, have used blogs to build an 
unmediated relationship with citizens.'’ 


’ A near-comprehensive overview of social computing technologies is available on Wikipedia.org - 
httD://en. Wikipedia. ore/wiki/Sociai software Icomouter software! 


" http://www.statcan.gc.ca/start-debut-ene.html 

® httDs://blogs. fco.gov.uk/roller/miliband/ : http://www.kapcsolat.hu/bloe/evurcs3nv : 
http://www.malcolmturnbull.com.au/Pages/Headlines.aspx7SectionlDg3 
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• New Zealand has launched an "e-initiatives" wiki, which replaced an older, static reporting approach 
to tracking progress of e-government, and provides an environment for public servants to share e- 
government experiences. It now covers more than 530 projects from 93 government organizations. 

• The United Kingdom’s Department for International Development has set up a group blog, written by 
frontline staff, as a way of giving citizens new insights into the work of the department.'* 

• As of April 24, more than 475,000 people are following the daily activities of the U.K. Prime 
Minister via Twitter.’ 

• Sweden has opened a virtual embassy on Second Life. 

Likewise, many states and localities have begun to tap the power of social interaction via networks: 

• Former Washington, DC CTO Vivek Kundra, who is now the federal CIO, made District of Columbia 
data sets freely available for download, so that users might develop applications to better analyze the 
data and share information with the public.^ 

• The Commonwealth of Virginia is using social software to connect and inform its citizens with RSS 
feeds. Virginia offers its citizens over 34 different kinds of feeds including feeds for local news, 
employment opportunities and legislative information. Many Departments of state government post 
videos to YouTube.’ 

• Oakland County, Michigan has set up a website that combines videos, user forums, and blogs as a 
way of encouraging dialogue with and between its citizens.* 

• Fairfax County has extensive online services for constituents, including immediate posting of Council 
meeting proceedings to YouTube. 

• The State of California Franchise Tax Board used a YouTube video to explain tax regulations. 

• As the Dakotas braced for the impact of the rising Red River, citizens across North Dakota, South 
Dakota, Minnesota and Montana, prepared by sharing information on web and video blogs, on local 
news web sites, and via social networking sites. 

• Los Angeles-area first responders used Twitter and Google Earth to coordinate resources to respond 
to seasonal wildfires last year. The LA Fire Department now uses Twitter to obtain and share 
actionable on-scene updates and intelligence.’ 


** httD://blogs.dfid.KOv.uk/ 

’ httD://twitter.com/DownineStreet 

* httD://dcstat.octo.dc.eov/dcstat/cwD/view.3.1204.a.491676.dcstatNav.%7C30916%7C.a5n 
’ httD://www.vlreinia.eov/cinsDortal3/stav connected 4096/index. htmi 

* htta://www.oa kgov.com/index.html 
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As we look forward, we must recognize that these networks and software applications are just past the 
point of early growth. Users of Twitter number in the range of 10 million, while Facebook enjoys an 
estimated base of 200 million. Comparisons with the current global bases of personal computers and cell 
phones, and Internet users, point to the potential for a steep growth curve for social networks and software 
in the near future. TechAmerica sees such networks and applications as another engine of economic 
growth and job creation that has made our economy and technology sector the most dynamic, innovative, 
and competitive in the world. 

Challenges to Rapid Growth and Adoption of Social Computing 

To fully realize the potential growth of connected government in the United States, impediments to both 
constituent and government adoption must be addressed and mitigated. Factors that will work against use 
of social networking and software applications by the broadest possible base of constituents and other 
users include: 

The U.S. lead in technology innovation and technology-based transformation is slipping. While 
Silicon Valley and other hotbeds of technology activity continue to produce new software concepts and 
thriving technology firms based on those concepts, there is little doubt that the scientific and business 
climates in America are not as conducive as they once were to entrepreneurship in our industry. 

Last year, for the first time, the U.S. Patent & Trademark Office issued more patents to foreigners than to 
Americans. According to Business Week magazine, the rest of the world is expected to widen its lead 
over the U.S. as manufacturing and research and development continue to migrate to emerging markets. 
Other recent reports also show the U.S. losing its innovation edge. A study by the National Association of 
Manufacturers and Boston Consulting Group that ranks the U.S. eighth, with Singapore, South Korea, and 
Switzerland at the top. " 

Countries around the globe, and trading blocs such as the European Union, are setting their sights on 
closing the innovation gap with the United States through technology-enabled transformation. In 2005, 
the European Commission announced its i2010 policy framework. The i2010 strategy promotes the 
positive contribution that information and communication technologies (ICT) can make to the economy, 
society and personal quality of life. The goals of 12010 are to create a Single European Information 
Space, which promotes an open and competitive internal market for information society and media 
services, to strengthen investment and innovation in ICT research, and to support inclusion, better public 
services and quality of life through the use of ICT. The plan focuses new investment in areas such as 
broadband, e-Govemment, and digital literacy. 


^ httD.7/twittermail.com/Derson/LAFD: 

“ Arndt, Michael, "The U.S. is losing its lead in Patents" Business Week, April 22, 2009 

htto://www.businessweek.com/innovate/content/apr2009/id20090422 521441.htm?chan=innovation innovatio 
n-r%2B+desien toor-stories 

“ Boston Consulting Group/National Association of Manufacturers Innovation Index, March 2009 
httD://www.bce.com/about bce/media center/oress releases. isp?id=2877 

httD://ec.europa.eu/information societv/eeurope/i2010/inclusion/index en.htm 
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Information security concerns can be an impediment to adoption. As a result of cybersecurity and 
information assurance concerns, many agencies are hesitant to use social networking, file sharing, remote 
access, and other Web 2.0 tools. Good security practices must be built into the architecture of all agency 
applications and the business processes supported by those applications. A government-wide 
cybersecurity strategy based on a risk management approach, and an increased focus on cybersecurity 
research and development, will allow social computing tools to be more widely and safely deployed in the 
government. 

Other countries are using social software and networking tools to drive innovation in government service 
deliveiy and engagement with members of the public. If our government cybersecurity strategy, or lack 
thereof, prevent federal, state and local governments from taking advantages of these tools, the U.S. could 
see erosion in its market leadership in this field. 

The need for increased access to broadband services. Despite continued deployment of broadband to 
Americans, some parts of our country have been left behind. If these citizens don’t get broadband, they 
won’t be able to take advantage of its numerous benefits, including using e-government social networking 
and software applications. The benefits of e-govemment are one of the many reasons cited for the 
investments in broadband our government has undertaken. 

!n the American Recovery and Reinvestment Act of 2009, the government outlayed $7.2 billion in money 
to spur broadband deployment and to encourage uptake of broadband in communities where it already 
exists. E-government is not just a reason for broadband deployment - it can also be a driver of broadband 
uptake, which will help in building out next generation networks. 

It is important in looking at broadband and its benefits that we look not just at fixed broadband solutions, 
but also at mobile broadband. As I stated earlier in my testimony, over 4 billion people have mobile 
phone devices worldwide. Every day, more and more of these devices become broadband enabled. As 
these devices become broadband enabled, they are often serving as key communications devices and 
enable civilian communications with the government in times of critical need. Just looking at the work of 
our first responders in Los Angeles, and their use of Twitter and Google Earth, just touches on the 
emergency management capabilities of social networking and Web 2.0 enabled mobile devices. Getting 
mobile broadband to our communities is the necessary first step. 

A lack of identity management policy and tools. Identity is at the heart of our current transformation 
into the digital age. In the private sector, we must have trust in identity for businesses and their customers 
to expand online consumer service offerings. Likewise, the array and utility of government services 
delivered digitally will be diminished without a secure electronic means of identification for use by 
people accessing public services. Some countries are now offering benefits cards to create a trusted 
identity for e-government transactions. Others are using cell phones, knowledge-based authentication 
techniques, and digital signatures to created trusted identities. For example, Estonia was the first country 
to allow online voting for their 2007 parliamentary election. Over 30,000 of their 940,000 voters used a 
government-issued electronic ID card to vote online. Besides Estonia, Austria, Belgium, Finland, 

Portugal, Sweden, France, and many other countries have established some form of e-identity to create a 
trusted relationship for e-government activities. 

State and local government tax policy. Several state governments are seeking to levy new sales taxes 
on Internet advertising. Advertising revenues are the lifeblood of the vast majority of social media and 
networking sites. Much of the legislation is premised on re-defining the parameters for maintaining a 
“nexus” (or physical presence) in the state, to include media affiliates who advertise on in-state websites 
to drive traffic to an out-of-state retailer. Under the new laws, simply placing advertising on a web site 

5 



74 


available in the state constitutes a physical presence. One such bill passed in the 2008 New York state 
legislative session, prompting over 200 advertisers to pull out of ordine advertising arrangements that 
would expose their products and services to residents of the state.” 

Whether placing discriminatory taxes on high tech products, services, or medium; or the potential repeal 
of taxes that cause greater challenges for the US technology to compete, tax policy is a critical part of our 
industry's ability to ably compete. And yet, in these times of greater revenue demand by localities, states 
and the federal government changes to tax policy are being considered that while perhaps raising some 
revenue now would severely challenge the ability of this country to stay on leading edge of innovation, 
hence leading to a longer term decline in revenue. These short-sighted, short-term gains must not be 
allowed to take hold and rather correct tax policies must put in place, or allowed to remain in place, so 
that our long term ability to lead is supported. 

Empowering U.S. Government Adoption and Use of Social Computing 

As the Committee considers options to enable the use of more networks and the technologies that will 
empower government through greater openness and enhanced collaboration among agency employees, 
private sector partners, and constituents, we suggest that Members and staff review some of the core 
issues and impediments to federal government adoption of social software: 

• Low level and disjointed funding for enterprise-wide technology solutions. The very size of the 
federal IT budget, the “stove-piped” nature of its programs, combined with the short-term focus of the 
appropriation and authorization processes, make it very hard to sustain a long-term technology 
acquisition strategy across the span of the government. The government’s web initiatives have long 
been under-funded, or subject to last-minute cuts, although the federal CIO Council has done 
yeoman's work in pushing such projects forward. 

• Government technology acquisition practices are not suited to subscription to social networking 
services or software. Many social networking sites and software vendors require account owners to 
agree to terms of service that federal agencies cannot agree to, including indemnity, cost of defense, 
applicable law, and court jurisdiction contract clauses. 

• Government acquisition practices do not allow agencies to keep up with the pace of technology 
innovation. The government’s inability to quickly and nimbly purchase products often leaves it with 
out-dated technologies. In today’s environment, technology is constantly evolving; in fact, the 
refresh life span of many technologies is less than 18 months. A technology that is cutting 
edge today will almost certainly be surpassed by new innovations within a two-year period. 
Many government acquisition policies do not allow agencies to keep up with the rapidly 
changing face of technology. 

• The broad base of legacy systems and disparate IT infrastructure make information sharing 
difficult. There remains a wide and complex array of technology infrastructure, even within a single 
agency and its regional offices. While social networking and web sites are easily accessible to most 
end-users via a web browser, more complex applications such as collaboration software, video 
editing, and virtual worlds require late-model hardware and software. 


” Netchoice coalition - httD://bloe.netchoice.ore/2009/04/the-minnesota-affili3te-nexus-tax-or-how-to-kill-online- 
advertising-in-one-easv-step.htmi 
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• Inconsistent social software availability and access policy across federal agencies. Without 
uniform policies allowing for employee access to various social media sites and networks, any 
concerted effort to encourage federal agencies to engage in more use of social computing tools will 
begin with one hand tied. 

• Restrictions on public access to data. Significant portions of more than 1,000 U.S. government 
agency websites still cannot be searched despite laws - including the E-Govemment Act of 2002 and 
the Federal Funding Accountability and Transparency Act of 2006 - mandating transparency through 
the use of “Sitemaps.” 

Research released recently by the National Defense University points to the scale of the federal 
bureaucracy, government employee demographics, and information assurance and security concerns as 
additional impediments.'"’ 

Recommendations 

We will reserve our recommendations to those areas under the Committee’s purview; touching on factors 
that, if properly addressed by Congress and the Administration, would spur federal government adoption 
of the communications tools discussed in this testimony and promote the wise use of such tools: 

1. We second the guidance of the Federal Web Managers Council, who in December, 2008, called 
for the Administration to “communicate a government-wide strategy for using social media tools 
to create a more effective and transparent government.” We agree that the Administration’s Chief 
Technology Officer (CTO), working in conjunction with 0MB and the CIO, should require each 
agency to develop a social software/networking communications strategy that describes how it 
will use the agency website and selected social software tools to support its mission, reach new 
audiences, and engage the public.'* 

2. 0PM should update federal guidance on the use of social networks and software for government 
employees and contractors, as well as use by tele-workers. We believe that such tools, which 
would include messaging and collaboration software, virtual reality applications, and web video, 
will be an arrow in the policy quiver for driving increased adoption of tele-work practices within 
federal agencies, 

3. Federal agencies exploring the deployment of social computing tools might take a page from 
NASA, EPA, and other leading-edge users by committing senior executive-level support for use 
of such tools and developing a governance process to institutionalize the use of the tools. 
Informal committees or user groups can be used to assure that agency resources are being well- 
used, 

4. Explore share-in-savings procurement approaches that enable agencies to keep savings for 
innovative service delivery approaches. Allow a percentage of savings to go into a shared 


"Sociai Software and National Security; An Initial Net Assessment," by Mark Drapeau and Linton Wells I!, with 
the Center for Technology and National Security Policy, National Defense University 

** Recommendations of the Federal Web Managers Council, "Social Media and the Federal Government: Perceived 
and Real Barriers and Potential Solutions,” December 23, 2008 

httD://www. usa.gov/webcontent/documents/SociaiMediaFed%20Govr BarriefsPotentialSolution5.pdf 
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services pool for enterprise-wide contracting and deployment of enterprise-wide technologies 
used for information sharing. 

5. We concur again with the Federal Web Managers Council in urging the Administration to 
establish “a single terms of service that covers all social media sites, which excludes the federal 
government from the provisions in contracts to which federal agencies cannot subscribe.” 
Congress and the Administration should encourage more programs like GSA’s recently- 
announced contract with Facebook, which addresses the legal challenges inherent in government 
use of social media sites and software.'* 

The changes driven by social computing will have a profound impact on the way people live and work - 
the way we share experiences and communicate with the people; the way we preserve memories and 
materials; the way we learn; and how we interact with our communities and our governments. 

The United States, led by the federal government, should continue to push the envelope in areas of 
computer science where we hold market leadership. Driving continued innovation is an important priority 
for TechAmerica and our members. When I reached out to several of our members for assistance with 
gathering case studies, 1 received very prompt and informative responses and I’d like to specifically thank 
Cisco, Gemalto, Google, IBM, and SAP for their input. 

1 wish to commend the Committee for its efforts to review the policies of the U.S. Government as they 
relate to Web 2.0 and offer our services to Members and staff as a resource on the issues. 

Thank you for the opportunity to share my perspective on these issues with you this morning. I'd be happy 
to respond to any questions you may have on these topics. 


Beizer, Doug, "GSA signs agreement with Facebook" April 10, 2009 
httD://www.fcw.com/Articles/2009/Q4/10/Web-Facebook-GSA.asDK 


8 



77 


Post-Hearing Questions for the Record 
Submitted to Vivek Kundra 
From Senator John McCain 

“Government 2.0: Advancing America into the 21*' Century and a Digital Future” 
(Hearing Date: April 28, 2009) 


1 . The Management Watch List and High Risk List have been tools used by 0MB for 
prioritizing IT capital investments in special need of oversight and follow-up. 
Furthermore, they have served to highlight at-risk investments to Congress. However, 
GAO has testified in the past that neither of these tools are timely indicators of 
continuing performance shortfalls. 

a. Does 0MB plan to continue tracking IT projects using the High Risk and 
Management Watch Lists? 

Answer: No, we do not plan to continue to track IT projects using the High Risk 
and Management Watch Lists. 

b. If so: 

i. What are your plans to improve the lists so that the data is timelier and 
more reflective of current project performance? 

ii. What are your plans to improve the accuracy and reliability of the data 
0MB receives from agencies (Exhibit 300 & 53)? 

c. If not: 

i. Do you have an alternative method for prioritizing high risk investments 
and tracking project planning and performance? What are they? 

Answer: 0MB plans to adopt a new approach to oversee Federal agency IT 
investments rather than continuing the Management Watch List and High 
Risk List. We will track all IT investments using a new “IT Dashboard” that 
is currently under development and planned for deployment by June 30, 
2009. Agency CIOs will be responsible for updating information about their 
major IT investments on the IT Dashboard on a monthly basis, much more 
frequently than in the past. 

ii. Why do you believe this will provide better oversight than the reporting 
mechanisms already in place? 

Answer: The past practice of maintaining two separate lists about the same 
investments that were developed using different criteria was confusing to 
many people. In addition, the updates to the information were not frequent 
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enough to detect emerging problems and take corrective actions soon 
enough. The new approach will enable us to monitor all IT investments on a 
more proactive and frequent basis and detect and remediate problems 
sooner. It will also provide an unprecedented level of transparency to the 
citizens, Congress, and other stakeholders about IT spending and 
performance. 


2. There are several important online resources available for citizens to track how their 
taxpayer dollars are being used. USAspending.gov tracks government contracts and 
grants; Earmarks.gov provides databases on federal earmarks; and Recovery.gov tracks 
federal stimulus dollars. As important as these three sites are, their overall quality and 
completeness vary. 

a. Are there any planned upgrades to make Earmarks.gov more user-friendly or to 
include better search capabilities? 

Answer: A number of incremental improvements are planned for Earmarks.gov that 
will be phased in over the next year. Earmarks.gov currently provides earmark data 
by Agency, State, and Spending Committee, and we plan to expand these views to 
include Earmarks by Sponsor when we publish 2009 enacted earmark data this 
summer. In an effort to improve transparency, we will continue to consider 
additional improvements to the website and evaluate how to best to utilize resources 
and capabilities. 

b. According to the website today, Earmarks.gov has not been updated since 
September 2008. When is the next update scheduled? 

Answer. The next update to the Earmarks.gov website is scheduled for June 2009, 
when we expect to publish additional details on 2008 earmarks. 0MB is currently 
collecting data on FY2009 enacted earmarks and will publish this data upon 
completion of this collection. 

c. Will updates to Earmarks.gov include adding earmark recipient/beneficiary data? 

Answer. Earmark data is collected in two stages - “tracking” during congressional 
action and “detail” after fiscal year end. In order to provide more accurate and 
detailed information, recipient/beneficiary data is collected during the “detail” phase. 
The next publication of recipientdieneficiary data will be in June when the 2008 
earmark details will be published. 

d. Are there any planned upgrades to USAspending.gov? 

i. Answer: Yes, we intend to develop the capability to track and report 
spending at the subaward level, as required in the Federal Funding 
Accountability and Transparency Act not present in the current version of 
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USASpending.gov. We are also planning an overall update to the site to 
improve usability and aesthetics. 


3. Finding ways to lower overall IT investment cost and leveraging the purchasing power of 
the federal government is very important. OMB’s Lines of Business (LOB) initiatives 
serve this end by promoting consolidation of similar business processes and reducing the 
redundancy of common IT investments across agencies. 

a. What is the progress with this program? 

Answer: The current status of individual Lines of Business varies, some are further 
along toward meeting their goals and delivering results than others. 

b. Is this program a continuing priority for you? 

Answer: Delivering government services as efficiently and effectively as possible in 
the most citizen-centric ways possible is a continuing priority for me. However, I do 
plan to streamline OMB’s oversight of the Lines of Business initiatives, to enable us 
to focus more attention on new priorities and overseeing the entire IT investment 
portfolio, by delegating more responsibilities to the managing partners of the 
initiatives. 

c. Are there any obstacles (such as GSA policy) that are interfering with the 
continued progress of the program? 

Answer: There are some difficulties with the annual Memorandum of Understanding 
and fee collection process for those Lines of Business funded by contributed funds. In 
some cases, agency appropriators have written language preventing agencies from 
contributing to Lines of Business and e-Govemment initiatives. In other cases, when 
funds do not become available until late in a fiscal year, it can create a cash flow 
problem for the program managers to sustain their ongoing operations. 

4. You have been praised for making some significant changes to the way DC government 
invested in software. For example, you took advantage of the online services provided by 
Google for email and word processing. 

a. Is it possible for any of these services to be utilized: 

i. At the size and scale of the entire federal government? 

Answer: We believe it is possible for some of these kinds of services to be 
utilized at the scale of the entire federal government, especially if we 
logically separate specific services and do not try to lump them all together 
under one provider or platform. We plan to pilot a range of services to 
validate the viability of the technology and services and the management 
processes for them before we try to implement them government-wide. 
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ii. At the size and scale of a single agency or department? 

Answer: It is possible to use some services at an agency level and in some 
cases where agencies have unique requirements that may be appropriate. 
However, we intend to pursue common services across agency boundaries 
where appropriate because that has a greater potential efficiency than each 
agency redundantly acquiring the same services. 

b. Please comment on the challenges of holding government data, such as email, on 
the servers of private companies. 

Answer: The information must be managed to the same levels of protection as if 
it were hosted on government systems. That means private companies would need 
to understand and fulfill the same requirements as federal agencies regarding 
compliance with information management policies. And agencies would need to 
take the proper steps to ensure that private companies fulfill those requirements. 

c. How will you address the issue of privacy and data security with the use of such 
commercial industry services? 

Answer; We would undertake a joint effort with private sector providers to ensure 
they understand and comply with federal laws, regulations, and policies related to 
security and privacy. Language to that effect would be included in contracts with 
those companies, contractors would be informed of the requirements, and 
contracting officers and their representatives would be trained to enforce those 
requirements. 

d. AVhat policy, guidance, or laws would need to be changed to allow federal use of 
these services and products? 

Answer: It is not clear yet what if any specific laws or policies would need to be 
changed to allow federal use of those kinds of private sector services or products. 
We are in the process of evaluating those issues and intend to continue that 
evaluation through our pilot projects. When and if we identify the need for 
changes, we will act accordingly. 


5. During the hearing, you mentioned a review of 0MB IT oversight policies and 
procedures is ongoing and will be completed in about two months. 

a. Can you summarize the specific areas under review? 

Answer: We are re-evaluating the current procedures for overseeing all aspects of 
IT investment management. This includes the processes agencies use to develop 
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their plans and funding requests as well as the processes and tools used to oversee 
the execution of those plans and development of their systems. 

b. Will Congress be notified of your findings? 

Answer: Yes, we will inform the Congress about the results of that evaluation. 

c. When can an update of the VUE-IT website be expected? 

Answer: The existing VUE-IT application will be decommissioned. It will be 
replaced by the new IT Dashboard which will have better information, updated 
more frequently, better analytical capability, and better information visualization. 



82 


i 

^ G A 0 

AccpuntabHity » Integrity • Retlablllty 


Post-Hearing Questions and Answers for the Record 
Submitted to Mr. Powner 


June 12, 2009 

The Honorable John McCain 

Acting Ranking Member, Subcommittee on Federal Financial Management, 
Government Information, Federal Services, and International Security, 

Committee on Homeland Security and Governmental Affairs 
United States Senate 

Subject Information Technology: Responses Post-hearing Questions Regarding 
Efforts to Improve Oversight and Transparency of Information Technology 
Investments 

Dear Senator McCain: 

This letter responds to your follow-up questions about our April 28, 2009, testimony' 
before your Subconunittee. In that testimony, we discussed efforts to improve 
oversight and transparency of information technology investments. Your questions, 
along with our responses, follow. 

1. In your testimony, you cited concerns about weaknesses in agency Earned 
Value Management (EVM) poh'cies and their implementation. 

a. Do you have any suggestions for OMB to improve its EVM guidance in order 
to remedy the problems you have identified? 

OMB’s Earned Value Management guidance is generally consistent with the American 
National Standards Institute’s EVM standards. The EVM weaknesses we found at 
selected agencies are generally attributable to incomplete implementation of OMB’s 
EVM requirements and insufficient efforts to institutionalize EVM.* OMB has made 
efforts to enforce its requirements at certain agencies. For example, OMB required 
the Federal Aviation Administration to provide quarterly briefings on the status of its 
EVM program implementation. 

b. Are there any metrics or project management standards other thim EVM 
that can be used to accurately measure project progress? 


'GAO, Informadon Technology: Management and Owrsight of Projects Totaling Billions of Dollars 
Need Attention, GAO-09*624T (Washington, D.C.: April 2009). 

^GAO, Information Technology: Treasuiy Needs to Better Define and Implement Its Earned Value 
Management Policy, GAO-08-951 (Washington, D.C.: Sept. 22, 2008); and Air Traffic Control: FAA Uses 
Earned Value Techniques to Help Manage Information Technology Acquisitions, but Needs to Clarify 
Policy and Strengthen Oversight, GAO-08-756 (Washington, D.C.: July 18, 2008). 
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There are other means that can be used to measure a project’s cost and schedule 
performance. For example, one way is to measure a project against a detailed 
schedule. Another way is to measure how many function points — units of 
measurement that express the amount of business functionality an information 
system provides to a user— have been implemented and how many remain to be 
implemented. 

It is important to note that EVM is an industry standard that has been endorsed by the 
Department of Defense for over 40 years. GAO has also endorsed the use of EVM as 
an essential way for program managers and oversight bodies to understand how well 
a program is performing in terms of cost, schedule, and technical matters.^ This is 
important information for proactive program management and risk mitigation. 

c. If so, what are the pros and cons of each ? 

Although these other means can be effective, EVM is a more comprehensive way for 
program managers and oversight organizations to compare budgeted to actual costs, 
as well as measure the value of work accomplished in a given period. This technique 
compares the earned value with the planned value of work scheduled and with the 
actual cost of work accomplished for that period. Earned value provides information 
necessary for understanding the health of a program and an objective view of 
program status. As such, it can alert program memagers to potential problems sooner 
than expenditures alone can, thereby reducing the chance and magnitude of cost 
overruns and schedule delays. 

2. During the hearing before this subcommittee in June 2008, GAO’s report 
included a special section on rebaselining policy. GAO's concern was that 
rebaselining policy was not comprehensive or consistent across all federal 
agencies. 

a. Has 0MB released guidelines on rebaselining in accordance with previous 
GAO recommendations? 

0MB has not yet issued guidelines on rebaselining in response to the 
recommendations outlined in our July 2008 report.* 0MB declined to provide 
comments on our report. 

b. If so, has this improved GAO confidence regarding overall rebaselining 
policy? 

c. What still needs to be done? 


’GAO, GAO Cost Estimating and Assessment Guide: Best Practices for Developing and Managing 
Capital Program Costs, GAO-09-3SP (Washington, D.C.: March 2009). 

‘GAO, Information Technology: Agencies Need to Establish Comprehensive Policies to Address 
Changes to Projects’ Cost, Schedule, and Performance Goals, GA04)8-926 (Washington, D.C.: July 
2008). 
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We recommended that 0MB issue guidance for rebaselining policies that includes a 
minimum set of key elements. We also recommended that each of the heads of the 24 
major agencies direct the development of comprehensive rebaselining policies that 
address the vreaknesses we identified. 

3. During your testimony last month, you stated that in order to demand 
adequate JustMcation for all IT investments, OMB needs to streamline the 
business case process. 

a. What about the exhibit 300 reporting does not work? 

Certain information in the exhibit 300s is unreliable. As we have previously reported,' 
cost data in select sections of the exhibit 300s were unreliable because they were not 
derived from cost-accounting systems with adequate controls. In the absence of such 
systems, agencies generally derived cost information from ad hoc processes. 

b. Do you have any recommendations for improving the process? 

We have previously recommended that the Director of OMB direct agencies to 
determine the extent to which the information contained in each exhibit 300 is 
accurate and reliable. Where weaknesses in accuracy and reliability are identified, the 
agency should be required to disclose them and explain its approach to mitigating 
them. As part of the 2010 budget cycle, OMB asked agencies to disclose weaknesses 
in the accuracy and reliability of information reported in their exhibit 300s. 

c. Should these recommendations be implemented appropriately, do you still 
think the Management Watch List is a valuable oversight tool, or should an 
alternative be found? 

The Management Watch List has been a valuable oversight tool to flag poorly planned 
projects and cotild be more valuable if the reliability of the exhibit 300 data was 
improved. It is important to note that the Management Watch List has been 
supplemented with OMB’s high risk list to identify poorly performing projects. 

i. If so, why is it still useful? 

a. If not, can you suggest an alternative? 

Since the Management Watch List is based on unreliable exhibit 300 data and the high 
risk list does not cover aU major projects, there are opportunities to consolidate the 
oversight lists into a single comprehensive list that is based on reliable data and 
highlights all major federal IT projects requiring oversight attention. 


In responding to these questions, we relied on previously reported information on 
efforts to improve the oversight and transparency of federal information technology 


‘GAO, Information Technology: Agencies Need to Improve the Accuracy and Reliability of Investment 
Information, GAO-0&-250 (Washington, D.C.: January 2006). 
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investments. We performed this previous work in accordance with generally accepted 
government auditing standards. 

Should you or your office have any questions on matters discussed in this letter, 
please contact me at (202) 512-9286 or nownerd@gao.gov . 

Sincerely yours, 


David A. Powner 

Director, Information Technology Management Issues 
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Post-Hearing Questions for the Record 
Submitted to Mtu.Karen Evans 
From Senator John McCain 

“Government 2.0: Advancing America into the 21®' Century and a Digital Future” 
(Hearing Date: April 28, 2009) 


1 . Considering the size and vast responsibilities of the E-Govemment office, did you think 
you had sufficient staff, funding and clear direction? If not, where were additional 
resources needed? 

Answer. During my tenure, we had twelve Federal FTE and approximately equal number 
of contractor support. Federal FTE were funded through EOP appropriations while 
contractor support were funded through inter-agency council funding in support of inter- 
agency goals. I believe we had sufficient staff to fulfill statutory goals and functions we 
were required to perform. In support of these goals, the majority of the work is completed 
by federal departments and agencies. In terms of the Office of Management and 
Budget’s (0MB) statutory responsibilities and administrative goals, I had clear direction 
from my senior leadership. These included institutionalizing the functions within 0MB 
and the disciplines throughout the federal government in order to achieve results for the 
American taxpayers, commercial businesses and Federal agencies alike, I believe we 
accomplished these goals. 

In terms of funding, the Bush Administration requested a total of $45 million each year in 
the President’s Budget request for the E-Gov Fund, as authorized under the E- 
Govemment Act of 2002. In the latter years, we requested $5 million annually in 
appropriations with the authority to use $40 million from the Genera! Services 
Administration’s surplus. However, the funds appropriated were approximately $3 
million annually from 2003 - 2008. The Bush Administration achieved many enduring 
results which are documented in the annual E-Govemment Reports. 

2. In your testimony, you described a number of laws that are either outdated or are 
impediments to modernizing federal information management. 

a. How is progress being hindered by these laws? 

Answer: A specific example is the reduction of information collections to reduce 
burden on the public. With the lack of clarity of roles and responsibilities between 
the Administrator for Information and Regulatory Affairs and the Administrator for 
E-Govemment and Information Technology, the analysis which should occur at the 
federal agencies and at 0MB does not happen as it should. There also appears to be 
duplication between the Paperwork Reduction Act and the E-Govemment Act which 
also causes confusion among the agencies. Therefore, the streamlining of many of 
the processes from information collection, dissemination, retention, retrieval are 
inhibited with multiple offices from the 0MB, National Archives and Records 



87 


Administration (NARA), Department of Justice and General Services Administration 
involved in the policy development for aspects of information management. 

b. How should these laws be amended? 

Answer: My recommendation would be to start with the basic question of how to 
manage information now with the infusion of emerging technology. Once you have 
decided how and what should be collected, retained, secured and retrieved by the 
federal government, I would recommend deciding who should be the oversight 
authority(ies). Once this decision is made, I would amend the appropriate statutes 
beginning with the Administrative Procedures Act and followed by the Paperwork 
Reduction Act and the E-Govemment Act. 

3. In your testimony, you mentioned you are concerned that many department-level CIOs 
lack the proper authority to push policy and decisions through all levels of their 
organization. You also mentioned that CIO authority and budget control is inconsistent 
between different federal departments and agencies. 

a. How is effective oversight diminished by these inconsistencies? 

Answer: If the authorities are not aligned, then, bureau/mode/component CIOs 
have limited accountability for not following the policies, framework and/or 
procedures established by the Department-level CIOs . At a minimum, each 
Department-level CIO should have input into each component CIO’s performance 
goals and appraisal. Additionally, the Department-level CIO should have the 
authority to delay and stop a project and/or investment which is not achieving its 
goals and performance metrics. 

b. What are the most pressing concerns with this issue? 

Answer; If procurement authority is aligned to the Department-level CIO, this 
could prevent many activities from going forward within component 
organizations. The CIO does not necessarily have to have ‘budget’ authority but 
they have to have the ability to influence what is being requested and spent by the 
department and the ability/authority to stop a procurement if is not aligned with 
the overall strategic plan, enterprise architecture or not properly platmed or 
resourced for success. 

c. Has this issue been a bigger problem at departments with large component 
agencies such as the Department of Commerce or Department of Justice? 

Answer: Yes, because many component organizations view their authorization 
language as the “authority” which allows them to operate independently of the 
staff offices within the department which in this case is the CIO. For example, at 
the Department of Transportation, the Federal Aviation Authority (FAA) has an 
exemption from the requirements of Clinger-Cohen in their authorization 
language and the FAA also has their own procurement authority. In DOJ, you see 
many challenges with the FBI. It is the leadership personalities of the individuals 
which make it work. In Commerce, you have very strong component 
organizations as well. Additionally, the department entities have to decide they 
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are going to manage centrally and hold the component organization accountable 
for their success and results achieved. 

4. In your testimony, you said that Earned Value Management (EVM) is not a “magic bullet 
solution to project cost and schedule overruns.” Furthermore, you stated that EVM is 
inappropriate for small and medium-sized investments. Why? 

Answer: If you implement full ANSI-748 standards for a project where costs may be less 
than $100,000, then, it is not cost effective. You will spend more dollars to implement all 
the 32 EVMS criteria necessary than the cost of the project itself. This is the reason why 
I am suggesting an “EVM-lite” approach where the methodologies and principles are 
implemented and used to manage the projects but not necessarily all the in-depth criteria 
required and defined in the ANSI-748 industry standard. 

a. Can you provide any examples of performance metrics that can serve as 
alternatives to EVM? 

Answer: If you look at the 32 criteria, you tvill see they are grouped into 5 major 
categories: Organizing, Planning & Budgeting, Accounting; Analysis and Revisions. 
If you divide your IT portfolio into the following types of investments: simple, small, 
medium and large scale, then, you can apply the “principles” of the ANSI-748 
Standard to all the investments. For example, regardless of the type of investment 
you should require the integrated project plan which includes the Work Breakdown 
Structure (WBS) and the Organizational Breakdown Structure (OBS) for all types of 
investments. In order to complete this product, you would have to do all 5 criteria 
associated with “organizing,” your investment/project. This is critical regardless of 
size. Upon execution of the project, 1 would recommend applying the appropriate 
criteria from the other four categories based on scope and size (as in dollars) of the 
investment/project. 

b. Are the alternatives you have suggested widely accepted as industry standards? 
Answer; The suggestion is a slight modification of the industry standard which in 
talking with experts appear to be “acceptable.” There appears to be acceptance of 
this practice throughout industry due to the fact the principles of the ANSI-748 
are being implemented by the departments and agencies. It is critical the 
management practices are repeatable and used consistently throughout the EVM 
program. If they can demonstrate how they are applying the principles, the 
guidelines and criteria on the basis of thresholds, they are meeting the standard 
requirements. 


5. During the hearing, you highlighted that federal IT investments tend to have 3 to 5 year 
lifecycles. It is generally accepted that new technologies released today are obsolete 
within two years (Moore’s Law). 

a. Considering this, was it ever your concern that federal IT investments are obsolete 
before they reach the end of the investment lifecycle? 
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Answer. For planning purposes, the federal government uses the 3 to 5 year cycle 
because this cycle takes into account the planning, acquisition and 
implementation of the investment. During my tenure, we stressed to the agencies 
when developing their business cases to focus on the business functionality and 
business requirements verses the technology. The technology solutions are 
addressed during the acquisition phase of the lifecycle. Polices and regulations 
prohibit the agencies from including name brand specific technologies in their 
procurements to industry flexibility to respond with the most appropriate and 
innovative technical solutions available at the time of the acquisition. By 
following this type of methodology, it addresses the budget cycles within the 
federal government but allows agencies flexibility to get the appropriate technical 
solution through the acquisition phase. If there is proper planning in place, the 
agencies should be evaluating their business requirements with their investment 
review and configuration management boards which also address when they 
would need to conduct a technical refresh of their investments. 

b. If so, can you identify any steps in the procurement process itself that delay the 
point at which systems are fully operational? 

Answer: Requirements need to be clear and validated from the agencies. 
Conducting an independent verification and validation (IV&V) of business, 
functional and technical requirements in advance of procurements is 
recommended, particularly for high budget or complex investments. With the 
clarity from the agencies, then, procurement activities can proceed in a timely 
manner. If the agencies are not clear, then, there are delays because vendors are 
not necessarily able to address the request for proposal adequately. The cycle 
times increase with more uncertainty from the agencies. 

c. Do you have any additional recommendations for reducing these delays that have 
not already been covered in your previous answers or testimony? 

Answer: I would like to stress the necessity for clarity from the agencies in 
articulating the desired outcome of the project. If it is understood, then, the 
procurement and the management of the effort have greater success to achieve 
the intended results. 
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Post-Hearing Questions for the Record 
Submitted to Phillip Bond 
From Senator John McCain 

“Government 2.0: Advancing America into the 21*' Century and a Digital Future” 
(Hearing Date: April 28, 2009) 


1 . Some acquisition problems at DOD result from production beginning before development 
is complete. There have been similar issues with some notable IT investments as well. 

a. How do we make sure that IT investment technologies are mature before we 
purchase them? 

Perhaps we don't. If an IT technology has reached maturity, then it has probably 
ceased to be innovative and the government would be buying older generation 
technologies - older than that available commercially to our adversaries. The 
pace of innovation in technology means that IT is refreshed at least every 18 
months and frequently in far shorter time frames. We should look to acquire the 
oft-noted 80% solution to give the warfighter the latest and greatest technologies 
and preserve our technological edge in the battlespace. 

b. Do you have any other suggestions to foster the kind of necessary research and 
development for future IT investments? 

The key to wise IT investments is in the education and training of the acquisition 
workforce, the expanded use of market research, and the wise decision of DOD 
on which technologies need investment beyond the commercial market. For 
example, the CIA has an office to invest in emerging technologies important to 
their operations. 


2. In your testimony, you recommend that the administration should require agencies to 
develop social networking communications/software strategies to support its mission. 
Please discuss how an agency could utilize such tools in light of concerns such as privacy 
rights, data security, and federal records keeping requirements. 

Many government agencies are already using Web 2.0 social networking tools very 
successfully, so their best practices should be provided to all agencies, perhaps through 
the CIO Council. In addition, GSA is looking into providing acquisition of these social 
networking tools through its procurement vehicles which will make it easier and provide 
for meeting the government’s special needs. 
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3. In your testimony, you mentioned that more patents were issued to foreigners last year 
than to Americans. What are some of your suggestions to promote American leadership 
in technological innovation? 

Unfortunately, there are no quick answers here. There are many solutions, but one of the 
most important is the improvement in the US educational systems especially at the lower 
levels to increase math and science education. As a country, we need to increase our 
STEM graduates. 

4. You testified about the i2010 policy framework developed by the European Commission. 
Are there similar policy initiatives that can be promoted in this country? 

a. The United State should have an ipolicy framework. 

I cited the i20 10 policy framework as an example of a governmental organization making 
a dedicated commitment to using technology innovation to drive government and the 
business community forward. The United States did this when we decided to go to the 
Moon. Today, this Administration is turning to technology to reduce health care costs, 
secure cyber space, provide better services to citizens, conserve energy, and modernize 
our transportation systems, to name but a few examples. The U.S. Government should 
have an e-policy framework that promotes the positive contribution from information and 
communication technologies (ICT) and sets out a high-level vision and policy principles 
for transforming the business of government tlirough technology. 

5. You testified that “government acquisition practices do not allow agencies to keep up 
with the pace of technology innovation.” What do you think are the biggest impediments 
to keeping federal IT investment and innovation at pace with the consumer market? 

We cannot buy IT and electronic technology the way we buy an aircraft carrier, but too 
often we try to. We use an outdated, cold-war era acquisition process to acquire 21*' 
Century technologies and we can’t anymore if we expect to stay technologically ahead of 
our adversaries. We have a requirements and contracting workforce that is lacking 
necessary STEM skills to adequately evaluate technology and IT products for 
government use, conduct adequate market research or complete acquisitions at a pace to 
keep up with innovation. 

6. During the hearing, you explained that procurement milestones and benchmarks 
developed for weapons acquisition do not apply to IT investments and can slow down the 
process for using commercial products. 

a. Could you identify any examples of when these were applied and caused 
problems? 

I sited weapons programs as an example because that is where the government 
can have unique requirements as it is a product being made just for the 
government. But the government is not the predominant buyer of IT and 
technology, it is in fact the commercial market. Because of this, it leaves no 
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incentives for commercial company to make specialized computers or cell phones 
just for the government, 

b. Can you recommend any solutions that might help mitigate this problem? 

We can fix this problem by focusing on purchasing commercial off the shelf 
products that require little specialization to fit government needs. Additionally, 
we need better workforce training on acquisition and project management, 
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